galaxyfirmware.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Submission: On February 17 via manual (February 17th 2022, 12:33:35 pm UTC) from PK — Scanned from DE

Summary HTTP 149 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 31 domains to perform 149 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is galaxyfirmware.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.

This is the only time galaxyfirmware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.95.64 143.204.95.64	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3032::6815:26a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	192.82.242.209 192.82.242.209	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:cf80:c203:5e45:e44	16509 (AMAZON-02) (AMAZON-02)
1 1	141.95.157.215 141.95.157.215	16276 (OVH) (OVH)
13	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1	18.66.248.39 18.66.248.39	16509 (AMAZON-02) (AMAZON-02)
2	3.248.87.88 3.248.87.88	16509 (AMAZON-02) (AMAZON-02)
149	40

38 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

galaxyfirmware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-64.fra50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:26a6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.trakteer.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.82.242.209 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:cf80:c203:5e45:e44 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.157.215 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3212474.ip-141-95-157.eu

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-39.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.87.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	galaxyfirmware.com galaxyfirmware.com	757 KB
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 638 pix.eu.criteo.net — Cisco Umbrella Rank: 7678 csm.eu.criteo.net — Cisco Umbrella Rank: 7893	793 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 1936 ad4m.at — Cisco Umbrella Rank: 1613 assets.ad4m.at — Cisco Umbrella Rank: 33179	594 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	37 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	595 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	228 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59	25 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19741 api.webgains.io — Cisco Umbrella Rank: 54493	51 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7942 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14241 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9904	53 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 41085	87 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 582	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 102176 static-de.ad4mat.net — Cisco Umbrella Rank: 139961	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	76 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	83 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 14416	704 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl — Cisco Umbrella Rank: 7252	338 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1383	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 288	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1330	350 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 927	463 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	650 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	295 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1184	5 KB
1	trakteer.id cdn.trakteer.id — Cisco Umbrella Rank: 246448	81 KB
1	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 6058	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	36 KB
0	media01.eu Failed pb.media01.eu Failed
149	31

	Domain	Requested by
38	galaxyfirmware.com	galaxyfirmware.com
13	pix.eu.criteo.net	ads.eu.criteo.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com galaxyfirmware.com
7	static.criteo.net	ads.eu.criteo.com
6	assets.ad4m.at	as.ad4m.at
6	www.gstatic.com	www.google.com www.gstatic.com
6	pagead2.googlesyndication.com	galaxyfirmware.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	www.google.com	galaxyfirmware.com www.gstatic.com www.google.com googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	tpc.googlesyndication.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	galaxyfirmware.com cdnjs.cloudflare.com
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	csm.eu.criteo.net	ads.eu.criteo.com
2	image6.pubmatic.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	galaxyfirmware.com connect.facebook.net
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	prod-rtb.ad4mat.net	galaxyfirmware.com
1	rtb.fr.eu.criteo.com	galaxyfirmware.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	galaxyfirmware.com
1	static.cloudflareinsights.com	galaxyfirmware.com
1	cdn.trakteer.id	galaxyfirmware.com
1	z-na.amazon-adsystem.com	galaxyfirmware.com
1	www.googletagmanager.com	galaxyfirmware.com
0	pb.media01.eu Failed	as.ad4m.at
149	44

This site contains links to these domains. Also see Links.

Domain
opencorner.net
t.me
bit.ly
www.facebook.com
twitter.com
www.linkedin.com
www.reddit.com
news.ycombinator.com
www.rarlab.com
www.7-zip.org
en.wikipedia.org
trakteer.id
rapidapi.com
www.roosterkid.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-14` - `2022-06-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-26` - `2022-02-24`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon	`2022-01-17` - `2023-01-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Frame ID: A590145B224DD910CAB75299611E93A3
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220215/r20190131/zrt_lookup.html
Frame ID: 47715F6B84267C320EEDE37521B969F7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcE_bMZAAAAAFuYMvk8is_qOcpBs-_JWe6oRP0q&co=aHR0cHM6Ly9nYWxheHlmaXJtd2FyZS5jb206NDQz&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=normal&cb=x6evo9uyum0q
Frame ID: 7022CC80DAA7FE88C96A6B07D2C05A85
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&adk=1812271804&adf=3025194257&lmt=1645101209&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101209776&bpp=3&bdt=458&idt=186&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2814387080110&frm=20&pv=2&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=209
Frame ID: 4491574B8837E9DEB31C79173FBEC8A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&slotname=1539757937&adk=496153447&adf=3243064002&pi=t.ma~as.1539757937&w=698&fwrn=4&fwrnh=100&lmt=1645101209&rafmt=1&psa=0&format=698x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101209779&bpp=2&bdt=461&idt=214&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=807YCtAbGW&p=https%3A//galaxyfirmware.com&dtd=218
Frame ID: 871C589B77D172529859D62C2C8081AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&slotname=7734322770&adk=2931471175&adf=2362057675&pi=t.ma~as.7734322770&w=730&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101209781&bpp=1&bdt=463&idt=228&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C698x280&nras=1&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MkIQ1c8yiT&p=https%3A//galaxyfirmware.com&dtd=232
Frame ID: 829ED9F8F657485F7905F32052D170CD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6LcE_bMZAAAAAFuYMvk8is_qOcpBs-_JWe6oRP0q
Frame ID: C97364029E09ADC8574FB462BA2596D6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&adk=1414751727&adf=844121993&pi=t.aa~a.2585407270~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&to=qs&pwprc=2863713297&psa=1&format=350x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101210328&bpp=1&bdt=1010&idt=1&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46e804f4562efca5-2215decd45cd0001%3AT%3D1645101210%3ART%3D1645101210%3AS%3DALNI_MYf86XXTt5hngMlq0BrqPx8WvgHbA&prev_fmts=0x0%2C698x280%2C730x280&nras=2&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=bCGku3gU9c&p=https%3A//galaxyfirmware.com&dtd=12
Frame ID: 87DE22F846FA2ED73D2F789295FC4157
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220215/r20110914/zrt_lookup.html?fsb=1
Frame ID: D625A839D012DFD0875275390C2CD081
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg5AmgAA-I8Hg4jnAASyHtqX3ILGFsCKuE19TA&u=%7CJBtMYBYRISyOemet8GwOoy73zvsUJyJQeG2Z1NX7ERQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zlZt1y_ZbsEBOrMw6EvLaxGb6pTVjoR-sYU1ohWjHg09-sdXatFm-OWjjyZsrE5-kLw0uROukgrupqwam8BdFNL4c3ZTWgRwcUrxGVFQfKAA_fVuufc3X2GcVYyxxzqZFujjKEh8PZIA7ZFnSGK9v1HX0of-oALJBtVlAuHZ5V34LCVcYJpTDseh2EtgVFs7uEOhLV9iEQFSWbUdaN6IjdSa0fixDKjSX5SISuYuZCHDCNfJnoc_PdeSFMtce3qyr-arTSoIHuE_XEGge2dGKmcMEl4cI-a_vFdMHGAF_Ff3N58vP3cdKIxo-HF9s38z8dbgC_SiML49aCwn775iu7ta2SqLCuqQduAE324fAbV7DQ4UBrom1gx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNujmkAOYo_xA-eRjuwPnuSSoAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NTM2MjUyMzgxMjQxNTYyoAHVttLqA8gBCakCXO63EBcQsz6oAwGqBN0BT9AGqt_9HaDNMFMciITA4cFDvFA6_wuqol1lO_3uT5YKbGTEWozJj3IdvQAzT-mGXTx2kV1ybgb6Aja84LuACy_vryGrNqhj5wEt19CmonRcg2dYkBKMcctVG47uPWw-5guh1sdN2BbpGNB1OjWW9fSjuxQk5VQZ-5ba2C2jgAxL3sZdtUGooGAReNX5N8jvQVhNvcpKMrCtOEWnhky7Y-Cg9tPZLy_98RO2I4zkGSXOM5bYQVBMkGidepbTJSgrqL7GL5VifXpvqWd2YCkAllPMAUAtEy8WUNMXEQGABu254_fxrPujjgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23znf5JjetYQ1R_A3b9PZ7F4VFdA%26client%3Dca-pub-4536252381241562%26adurl%3D
Frame ID: 7AD570052FBD4393F3853FDB3704B2AD
Requests: 28 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gmca68tzhm1xkkj3pd2hcezq3wanm7pybeav1qg4fada4d304m2whgtg40pjtv5k37qk1gx2v4zx8pgcc0t90ahcycbccb57cd4jhqszamqt9f9g3md5ea9mg3y0p9y1ff4dftjjr4gfctf2439t93z2w3zqvqbqy4p6n8z9c35sk7a17nj399mpf7ma5asevnrf1q91gw8z98kvkbk40mdd7gd5j772evpv7an4w44s0r9dz77atcggve75s7w4jja970303fq41daj2127kxcs74w0cd93cs4m6z3y7fraf5j0hx5sypmx5rzft1cf7w3nnr1gyhta19e4be23w9x7bfwsrwjgxe24p6ywkqvk8q1mza56pr63cnz6ehytd2ngkxgx5hkgzt1hj2c2jm29jzwfnsbhjtkrt8ctpnr846wfdrwn3t04hs5vp7ztw9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%26client%3Dca-pub-4536252381241562%26adurl%3D
Frame ID: EBFFDD6F65C727F329A292F06B14CABE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/window_focus_fy2019.js
Frame ID: B6AAE39BBF49FEA2CAC03EAAD32BF7C6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FD8E6725276F94C4750382B18FF0126A
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 354CADF39DECBA0C7C1CD659A94A3831
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Frame ID: 88D920FDECBBAF039E5C9CCC9C5339C9
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Galaxy Firmware - Samsung Galaxy S4 mini GT-I9192 (CAC) | I9192XXSCQA2

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

149
Requests

97 %
HTTPS

67 %
IPv6

31
Domains

44
Subdomains

40
IPs

6
Countries

3546 kB
Transfer

6040 kB
Size

16
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://opencorner.net/categories/android-roms-recoveries
Title: Community

Search URL Search Domain Scan URL

URL: https://t.me/galaxyfirmware_com
Title: Join our Telegram

Search URL Search Domain Scan URL

URL: https://bit.ly/3dEVJvS
Title: Buy me a storage

Search URL Search Domain Scan URL

URL: https://opencorner.net/discussion/6/list-samsung-galaxy-devices-eligible-for-the-one-ui-4-0-update-android-12
Title: List Samsung Galaxy devices eligible for the One UI 4.0 update (Android 12)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Download%20Firmware%20Samsung%20Galaxy%20S4%20mini%20%28GT-I9192%29&url=https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2/&title=Download%20Firmware%20Samsung%20Galaxy%20S4%20mini%20%28GT-I9192%29

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2/&title=Download%20Firmware%20Samsung%20Galaxy%20S4%20mini%20%28GT-I9192%29

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2/&t=Download%20Firmware%20Samsung%20Galaxy%20S4%20mini%20%28GT-I9192%29

Search URL Search Domain Scan URL

URL: https://www.rarlab.com/download.htm
Title: WinRAR

Search URL Search Domain Scan URL

URL: https://www.7-zip.org/download.html
Title: 7-Zip

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Samsung_Galaxy_S_series

Search URL Search Domain Scan URL

URL: https://trakteer.id/roosterkid/tip

Search URL Search Domain Scan URL

URL: https://rapidapi.com/ariesbrow/api/galaxy-firmware
Title: Developer

Search URL Search Domain Scan URL

URL: https://www.roosterkid.com/
Title: Roosterkid.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENVvntVCOvK0-Ma_mb8iThA&google_cver=1&google_push=AYg5qPKAEyroDomDD6Iva_kJSDTCFR1Cn5lhujXk07Q0oMVxg2XVhRq4Qs2rAgT-gzDd4jhFdq9FHXE7wmRB0pIdGr2zMZdvU1c HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENVvntVCOvK0-Ma_mb8iThA&google_cver=1&google_push=AYg5qPKAEyroDomDD6Iva_kJSDTCFR1Cn5lhujXk07Q0oMVxg2XVhRq4Qs2rAgT-gzDd4jhFdq9FHXE7wmRB0pIdGr2zMZdvU1c&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jr9HtJajSvKw3ah02y5W4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKAEyroDomDD6Iva_kJSDTCFR1Cn5lhujXk07Q0oMVxg2XVhRq4Qs2rAgT-gzDd4jhFdq9FHXE7wmRB0pIdGr2zMZdvU1c

Request Chain 105

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBUvljGfle3YteGzaIr_CIk&google_cver=1&google_push=AYg5qPLu15U6S9eC5yd12l9hYP37aUlND9fukRb9oFUj9NWL-ss6g4Wr8VaIMSKS3iFKJjUHIiehaC5WjaV5SOTm2SjBcgIgsVk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRWVNBNVEtMjgtQU8wRA==&google_push=AYg5qPLu15U6S9eC5yd12l9hYP37aUlND9fukRb9oFUj9NWL-ss6g4Wr8VaIMSKS3iFKJjUHIiehaC5WjaV5SOTm2SjBcgIgsVk

Request Chain 106

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_cver=1&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1

Request Chain 108

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJZCMqFhAUXABAOZHXxTNW8&google_cver=1&google_push=AYg5qPLF3BsFjmMSkVOLw_O-SFtKdbQPfOXpXXKutL94WMwnhxMprhinHCL0X7w_i2PTNvkFurk5Tx_Vce_YdzFOVGhK8WH5aRvJ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLF3BsFjmMSkVOLw_O-SFtKdbQPfOXpXXKutL94WMwnhxMprhinHCL0X7w_i2PTNvkFurk5Tx_Vce_YdzFOVGhK8WH5aRvJ&google_hm=

Request Chain 139

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=

149 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request I9192XXSCQA2 Show response
galaxyfirmware.com/model/GT-I9192/CAC/ 30 KB
9 KB 708ms
658ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / You <3
Resource Hash: 55e5d2d0c174ba4614b1c21afe5fbed21e5943768634928bb9c5e3ad0075a1f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: You <3
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVaiRZ3gjoE125JCkbFUSlJa3w7uPrn5iVgSuT3qYJGp4T3y49Km08imgEDfaPsTZchhHEEB2mkubSNjpSj%2BxHgZdXBhHcnMtXNdULhozEbQ82XqQGnIPjdCyyGfMn21O4q2YS4WK90x5ysIFb%2FupC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6def0b5a19226946-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 137ms
48ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eacfa8f55b323cbd47190382a9851e359181aae709d172d52b4da9303e86c56d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Thu, 17 Feb 2022 12:33:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 136ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 11:01:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 12:33:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 12:33:29 GMT

GET
H2 200 bootstrap.min.css
galaxyfirmware.com/assets/css/ 157 KB
25 KB 27ms
26ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/css/bootstrap.min.css
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180527
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 May 2020 16:52:01 GMT
server: cloudflare
static-cache: HIT
etag: W/"27293-5a5764848ae40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B5uvn3gib4Svd%2FS5EI46A6oRBSLYLRpx4dy8NwKV%2BeKp9tTvHut00cYpsXw6i4QcIYIcnMKCqOe9q2R6dp8fC%2Bayz1jBN%2BhL6mQ1Rvi7Squ9MBEq865%2Bm6Y9vkVUeGgo9NetCuk%2FBHUFIp32rRw%2F3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 6def0b5e6af06946-FRA
expires: Tue, 22 Feb 2022 10:24:42 GMT

GET
H2 200 cookiealert.css
galaxyfirmware.com/assets/css/ 12 KB
9 KB 28ms
27ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/css/cookiealert.css
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5980c9242ef84464db5b59819ec2054be78b1582421cc09506d1659c39298e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 283314
cf-polished: origSize=12190
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Dec 2021 03:59:47 GMT
server: cloudflare
static-cache: EXPIRED
etag: W/"2f9e-5d2ff1a885b9e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BjCJGPQ1k4AAX7HwqC2Di4M7guKPin%2BfeGqBWxAcjVB29oNqmgj%2FRwrs%2FMiuzGy6sOT%2Fk%2BcuUnM2xsX9JOIGqnQvyTYdpA3A%2BHUfOBgG06wwsSoSp1y5Ak0SEpF8tp8RHyzT1Hu47qE%2BSmdyxgDgxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 6def0b5e6af26946-FRA
expires: Mon, 21 Feb 2022 05:51:35 GMT

GET
H2 200 style.css
galaxyfirmware.com/assets/css/ 4 KB
2 KB 31ms
30ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/css/style.css
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3274465ad563e4b4b0eba51ca9905ceebc329ba0a276adc118c85c1d6a326d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172016
cf-polished: origSize=4212
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 08:30:28 GMT
server: cloudflare
static-cache: HIT
etag: W/"1074-5d663e5bc9100-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YQKv7TygUmNPoYUZtrmFRpRrSEVpi4oiCP65pgvY3wolwcw5aNDR60g0O%2BwvGC1M%2Bi4j90yR33ALE09crnES2vd6X%2BTrNuVORPlp1JHtcwCZs4E9BByup6QzimZbeqwhRy7cN6CHNHYWdKu9JPTwbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 6def0b5e6af66946-FRA
expires: Tue, 22 Feb 2022 12:46:33 GMT

GET
H2 200 icon.css
galaxyfirmware.com/assets/css/ 153 KB
28 KB 31ms
30ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/css/icon.css
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e1e107ee0cbb80dc4d09b1ad0c4889e3b7f5a18a3a67cb77394b0b8d32f1bb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180526
cf-polished: origSize=156377
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Jun 2020 05:30:19 GMT
server: cloudflare
static-cache: HIT
etag: W/"262d9-5a855127690c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JznyeEO4MjyY9I3YAwd6dAMpcGdHDhmzlQJXtclttxt7wES%2Bm7al%2FX6M1vXFadLlfNvhxcmwHxBDUCFfEGimX%2BrV%2By7TCQ7nzkmOzEAhdVeQ%2BN1ua1TT9VwEYzorfAKDqWqZVKmWZnBcjBHIDW5qkuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 6def0b5e6af76946-FRA
expires: Tue, 22 Feb 2022 10:24:43 GMT

GET
H2 200 flag-icon.min.css
galaxyfirmware.com/assets/css/ 33 KB
2 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/css/flag-icon.min.css
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 07:13:44 GMT
server: cloudflare
static-cache: HIT
etag: W/"84a9-5aa9de5b53a00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGgredc4fRmThDSp%2B%2BJ1QtmC26jMdQSC0OjQezigkhD%2BWah6zvhDfSyPkIuPP0LsUTxF%2F9Op5W4BGV5txc9E6XuSPEwc8bVR8mjU1%2FBpNtiw6%2BA9Ov31Coiw%2FPjOnaTrpsfUKlBfkoCApueM8SA%2FDfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 6def0b5e6afc6946-FRA
expires: Tue, 22 Feb 2022 10:19:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
557 B 176ms
89ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94773db8e4ed0417c38fd37dccafd6450b04f372f73c3e2b2a4336f56707dfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 12:25:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 12:33:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 12:33:29 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
galaxyfirmware.com/assets/js/ 87 KB
32 KB 44ms
43ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/js/jquery-3.5.1.min.js
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180838
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Aug 2020 08:27:01 GMT
server: cloudflare
static-cache: HIT
etag: W/"15d84-5ac95d5d27f40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD0NiW%2FfoMR3mKI497Ny5D8YSdbuXdmqlVDAG0CcroTjGcA9A9Qt1eraOpqTOhy%2FXVyQo6gPeHBDGqsQFi67nBQGvLv41n4ElItGIzwbD15ZY3pT%2BBz7avN3bFm%2Fg%2BGl3ezf4Xae0XU07wa0AqgvP3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6def0b5e6afd6946-FRA
expires: Tue, 22 Feb 2022 10:19:31 GMT

GET
H2 200 bootstrap.min.js Show response
galaxyfirmware.com/assets/js/ 59 KB
15 KB 35ms
34ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/js/bootstrap.min.js
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181119
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 May 2020 16:52:01 GMT
server: cloudflare
static-cache: HIT
etag: W/"eb0e-5a5764848ae40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XZAJ9oCLUFGoFpjYUoFF6TnuBd7SWBoWBKjQA%2FLwWJvku%2Fw9NTZhpMupyoqO94DQIbs%2FqbaJRHEFzuywmEe3TDXXUdTQeOUSo5dcBQ2g6IlKu7cvBi21sf8JGzx657NBgVfMcctDB29XP3QSGBV2tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6def0b5e6afe6946-FRA
expires: Tue, 22 Feb 2022 10:14:50 GMT

GET
H2 200 handlebars.min.js Show response
galaxyfirmware.com/assets/js/ 78 KB
24 KB 37ms
36ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/js/handlebars.min.js
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac4ea004d72c2f74cb64b16cdd796cc3ef932c7c937487453bcb636d64bdcdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181119
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Aug 2020 08:27:51 GMT
server: cloudflare
static-cache: HIT
etag: W/"13981-5ac95d8cd6fc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvekf7PF4tzyC%2B8%2BX5vLMusxYXr6rA0cxcmjRaleW3NUoYtumFRgLirZKIx%2BAEdgrtBe0v85dKDw3TZFY%2BW9JE1JauFGME1AYGDNh%2BmmiXNYFocO%2FNBN9kJMZIe5D4rriJpl%2F%2FHvnjMJCcWxFFzI3U4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6def0b5e6b006946-FRA
expires: Tue, 22 Feb 2022 10:14:50 GMT

GET
H2 200 typeahead.bundle.min.js Show response
galaxyfirmware.com/assets/js/ 39 KB
12 KB 39ms
38ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/js/typeahead.bundle.min.js
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 283314
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Jul 2020 10:50:09 GMT
server: cloudflare
static-cache: HIT
etag: W/"9b45-5aaf1630a1a40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dy%2FgwPTvo5%2BCmRVJ45smF2Mu3%2FddhNQyYfZldiH0bJt1VcBnM35M0EpP%2F9RW8SqKd3j9C2lPhjSakL%2BMZ%2FWb%2BLlPyD1zyaI3I%2BcE59ImHcLBeehTWGcKQvbLvXjfqWhK7hRWChUrUmYsvc%2F52R0ZAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6def0b5e6b1a6946-FRA
expires: Mon, 21 Feb 2022 05:51:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 150ms
64ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-76442928-15

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab1a8b3aeb45ca24f505b2863f71e3e631c1ed63d5ba0036b77266ca265d95b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36134
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Feb 2022 12:33:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 167ms
82ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958e7aa4e2d41ed40b30c94045261cf89bb80d6ba02b0b99adad5d6138ecde7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54179
x-xss-protection: 0
server: cafe
etag: 10645168809453030145
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Feb 2022 12:33:29 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0b8f5b82a114265bffe5f2312fad5122548065df5f426e2a9caf64b0b019146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://galaxyfirmware.com/
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Uft/oUPzPGiZJgpk2As2NQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 17 Feb 2022 12:44:45 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 6HJRN4v7N6FKthFwOpb6Bf42428yRsY9PICZ4ncEP7CrRiVZ3gMKv7qZ5twvad2bLZ3VW/JVkRpWJ+5mglmE0A==
x-fb-trip-id: 686109401
x-fb-content-md5: 1eb21982a9362171a9f43bfe428de7a3
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 17 Feb 2022 12:33:29 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2bd7a1641ad0e4d26c3910ef5cf09442"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 35ms
7ms Script
application/javascript 143.204.95.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-64.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 2679380b4144acfef1968f3057c17b78c28dcb394d0d1c084a029c5c09e418fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: Public
date: Thu, 17 Feb 2022 05:43:54 GMT
content-encoding: gzip
server: Server
age: 24575
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
x-amz-cf-pop: FRA50-C1
content-length: 7940
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-id: qaNJDav8shE2D3WfETMnMaqDbOa3zkywE9ZicGeAFzAyzS-YmqLQTA==
expires: Fri, 18 Feb 2022 05:43:54 GMT

GET
H3 200 s_series.png
galaxyfirmware.com/assets/logo/ 41 KB
42 KB 57ms
54ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/assets/logo/s_series.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee18417467d85e39604946daafe734dd53e0fb4d89d21b0a3ed922449c50f9fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158603
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42106
last-modified: Tue, 29 Dec 2020 06:05:47 GMT
server: cloudflare
static-cache: HIT
etag: "a47a-5b7942e8404c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v5hSERNIlm1h02k3%2FsmDqDDPDxnS%2Fw046FlKv57Q9a78oz9p5BxOh2tLkQQKZ6XrXrXHTRH%2B9hgLxYid8ekalyFcXI0XepUdOwQZXDlXclkGDWI9AyVaQKwhLgBGVOfA8goaTKqOZoqse4ZIeJfyPM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c059295-FRA
expires: Tue, 22 Feb 2022 16:30:06 GMT

GET
H3 200 BTC.png
galaxyfirmware.com/img/icon/ 2 KB
2 KB 23ms
21ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/icon/BTC.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6064887ef3e3f56b479f8ea7f09711dd735504e5ba4f937ca2243eed79ca08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1573
last-modified: Wed, 21 Oct 2020 06:06:50 GMT
server: cloudflare
static-cache: HIT
etag: "625-5b22827387280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4l%2FNxAmeWRWYpj%2FexZiUBBft19sPMAqrJbukb7t%2BK2nQ5ERIV6iSu%2BxoMwSlAA1T9cPW0yaWwWvhvFReK9UWawbHa12HkOHxEuhCP0dT0x7XQBR%2BMAt8fgDU7EBZ5a2NJoMjyCZH%2FFM5wwHK1s3sGDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c089295-FRA
expires: Tue, 22 Feb 2022 14:26:42 GMT

GET
H3 200 BTC.png
galaxyfirmware.com/img/ 1015 B
2 KB 24ms
22ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/BTC.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb74c24862d9504047c043881ea6ec701fcfdde2ed18619b3e7528be4b2e2aea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1015
last-modified: Fri, 25 Sep 2020 07:20:32 GMT
server: cloudflare
static-cache: HIT
etag: "3f7-5b01e26eb1000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kI2x0bX5QyH3FSfjvlCaKlC7SqVYjI6xCUJjRKWqkY66INjlRt9rhQRe8tNui6GTFqU%2BWWHtgIyoPFM2wPZ7XgyevLNfhUY%2Brfc1pAKvC9qu2E4Yh5qqKmWgwxrl61skvltFgr2CU1mwJd4q7CBCDqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c0c9295-FRA
expires: Tue, 22 Feb 2022 14:26:42 GMT

GET
H3 200 ETH.png
galaxyfirmware.com/img/icon/ 2 KB
2 KB 26ms
24ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/icon/ETH.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a9972c6f13b5510730dff6c349f812510c778b2f7722f00426c287246c50cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1759
last-modified: Wed, 21 Oct 2020 06:07:03 GMT
server: cloudflare
static-cache: HIT
etag: "6df-5b22827fecfc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbdCcrgt99KIaFYrJpvmo7BK%2BPZTxlWGboV8uKKdq%2BvuuZsOdXuA0CZen1pc7vdvY9Lo4EzRBrcisLQ1XHIGGon%2BjYwLY04RHm%2FgHSTG54sb3yMsP2d6aIPveh5x%2Fv%2BgaN3Zkf8sS3liRUgHI6EFvwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c109295-FRA
expires: Tue, 22 Feb 2022 14:26:42 GMT

GET
H3 200 ETH.png
galaxyfirmware.com/img/ 1 KB
2 KB 30ms
28ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/ETH.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f59da926d489e3ac5c881db1bd2699717b8b5106a9b7968dde2fa02d2c1f9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1031
last-modified: Fri, 25 Sep 2020 07:21:21 GMT
server: cloudflare
static-cache: HIT
etag: "407-5b01e29d6be40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XQgaqNdDCz9%2F8HPDSXoq1lGx%2Fl3jIJ1tiyRh3V6N4tZ6omhW1SNZfmjGWbR8p4%2F002uzQRYNS1vU9N0xmSAtMV06A9A%2Bn8CScA7PCixab3FsdwcZ%2FxTI9q%2BZICpGGTTjhsnMvwsltqHAi0xlWolaKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c129295-FRA
expires: Thu, 24 Feb 2022 10:02:50 GMT

GET
H3 200 XMR.png
galaxyfirmware.com/img/icon/ 1 KB
2 KB 18ms
16ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/icon/XMR.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7437303df46a7ffd5bc94d07b13f07668ca4b25275584f7a55bf00be930355a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17072
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1408
last-modified: Wed, 21 Oct 2020 06:07:15 GMT
server: cloudflare
static-cache: HIT
etag: "580-5b22828b5eac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dUJC8k6CjKESiqg1Qdzy1aUkT1gXmUssT02Moj4yarGWSg1kVVDfbV3IV8m4TYsZt0EYuKF9doPvK%2B%2BKgNXfuRLAIwx503bukVaUUbbj2WuC2XAc%2FFeyEoyWOh%2BM%2B84SGFMgD2tm8TJFYnazbmWcCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c149295-FRA
expires: Thu, 24 Feb 2022 07:48:57 GMT

GET
H3 200 XMR.png
galaxyfirmware.com/img/ 1 KB
2 KB 64ms
62ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/XMR.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bf96c66e3d73bb911bcd3f48515ec8856f9e08fad67a3006c1b2d0954d61cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1253
last-modified: Fri, 25 Sep 2020 07:24:28 GMT
server: cloudflare
static-cache: HIT
etag: "4e5-5b01e34fc2300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZqrE%2BmfKlygWXml2JZtI9nHY%2Beom%2BZzF4DfX3qHPtf7sRW1KlwbEyhFmFJmd5biWUWCRAL65jupTfSxJpktQsNd%2BrDThbpJhsEUNHZgh8xdaZmRhNxeLWxCk3m9X0E3ApDtZuEPVP1lxA5DA0DC24A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c179295-FRA
expires: Tue, 22 Feb 2022 14:26:42 GMT

GET
H3 200 LTC.png
galaxyfirmware.com/img/icon/ 1 KB
2 KB 24ms
22ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/icon/LTC.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12523501996e31c888ba97e221f91e2033222e7e7c7a21e1e755133f45646c7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1507
last-modified: Wed, 21 Oct 2020 06:07:29 GMT
server: cloudflare
static-cache: HIT
etag: "5e3-5b228298b8a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJp6BiPDwqt2eOb68%2B31WwM%2B%2F8NEsTXOEOrijQpO5vEWc7nVwucoKnQ%2FjRwq7GR8ljO%2Fe8vL3aAj9jhShW2OAs97yuZ6Kf8ummwgh26q6h7cmsw2YgfdfM6CWOaJdDXBeFq7FRqrXXHtLgtAtoQs%2FlI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c199295-FRA
expires: Tue, 22 Feb 2022 14:26:42 GMT

GET
H3 200 LTC.png
galaxyfirmware.com/img/ 1017 B
2 KB 65ms
63ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/LTC.png
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bce89e541124ba056e50879611618d51b440d8cdcc6a2d29efdc4c725b7c7e24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1017
last-modified: Fri, 25 Sep 2020 07:24:03 GMT
server: cloudflare
static-cache: HIT
etag: "3f9-5b01e337eaac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xny24ZoLUEhEKGSz89LJBnD3eQTXCfiPcl4YAVKbBvqTEkQdleNvgnxWKEexF5GRY8Wtay%2B3k6Nw6bXeqsHsLLf0oQWsAaIJQ4Dh30ewckAF0b8OOxS7lPq%2BHivIn0TYFy5TQBKOIJZ2TYVxc2T0EBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5f9c1b9295-FRA
expires: Tue, 22 Feb 2022 14:26:42 GMT

GET
H2 200 trbtn-red-3.png
cdn.trakteer.id/images/embed/ 80 KB
81 KB 175ms
81ms Image
image/png 2606:4700:3032::6815:26a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.trakteer.id/images/embed/trbtn-red-3.png

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:26a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81c0d705d39830242859e71362a824e8551972dc4b727675a1a3e03e3b02dc0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12892
cf-ray: 6def0b602e175b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82430
x-hw: 1633400667.dop024.si2.shc,1633400667.dop024.si2.t,1633400667.cds209.si2.c
last-modified: Sun, 18 Jul 2021 07:46:17 GMT
server: cloudflare
cache-control: max-age=43200
etag: "c223f40096b582bc068ec91d26113b13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQAfB%2FLipC%2FYhB3d1DLeAr%2BOWJ%2FQJeXjzp6TylDsMsYdfliLk9EiufAQI7q7JIcjtZYtlEQDBbs0FICvdj5Av2gwx8AwGRjyD%2F7aDCOn1hv37vW82DKxRxL%2FRSuQDreE9rrYU8z3liTdS1pPAvA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000024a68dc2-00615ac905-1344eb06-sgp1a
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-rgw-object-type: Normal
accept-ranges: bytes
content-type: image/png
expires: Tue, 05 Oct 2021 09:27:33 GMT

GET
H3 200 main.v1.js Show response
galaxyfirmware.com/assets/js/ 3 KB
1 KB 30ms
30ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/js/main.v1.js
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d4aacc3985096be0319521b456d42c9cadcf05e76495054be1cfc661f0813ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171926
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Jun 2021 15:36:53 GMT
server: cloudflare
static-cache: HIT
etag: W/"b30-5c41ab1b24f40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9f3F6ZhG35xpn0P0Mts6%2BsBpbFXURGYttSoouuJTtiY6HWVQilo1O8Nc6kPwRwz0Y6DkRkrr9rs65zbKfRVaqfzzw3lJGJ3b%2BAebh376Rj5QKsRa%2BWgmgY1f4oS8oowm1XL2B%2F0eeLpqzmyr4biwJ2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6def0b5f3b199295-FRA
expires: Tue, 22 Feb 2022 12:48:03 GMT

GET
H3 200 cookiealert.js Show response
galaxyfirmware.com/assets/js/ 935 B
1 KB 13ms
13ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/js/cookiealert.js
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171926
cf-polished: origSize=1836
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Dec 2021 04:00:01 GMT
server: cloudflare
static-cache: HIT
etag: W/"72c-5d2ff1b5f3359-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpg%2F8moK548ypdMsWbbdzMOXqWvddVFGKC20Vnun1MiyHSmFBKjHt9X%2BVc3EOpDtuuD%2Bndxs3T0WlIe0J40wRUsYIrP4B%2BEIwoXRXVch1N74YdTqLgMBYlE7vNoUrJMlMplK%2FRNyQnpyna9Pn%2BXoalE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6def0b5f6b7e9295-FRA
expires: Tue, 22 Feb 2022 12:48:03 GMT

GET
H3 200 f-1879.js Show response
galaxyfirmware.com/ 468 B
851 B 34ms
34ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/f-1879.js
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0bc4c2c15721f4ad16a47146e51c99571f8c365c5b5de1802f2cbc8a0db47a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Feb 2022 12:33:29 GMT
server: cloudflare
static-cache: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5argcdUuPNW7KcQdNN2Cte1biZZbHTgBE3QzbvBGHyHSNNFFPUtFyv3PxDOdVmFqn92RrNLTXUrsznZqKaqCYb8Iia4yvfPa4oUEIuTso9NQBr%2BHrlgcloWjFcULbDtvSRULVwYv9QYwFib45oUegr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6def0b5f7ba09295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 24 Feb 2022 12:33:29 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 80ms
61ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://galaxyfirmware.com/
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6def0b5fbca8913c-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ 357 KB
142 KB 129ms
42ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galaxyfirmware.com/
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 12:32:13 GMT

GET
H3 200 uz.svg
galaxyfirmware.com/assets/flags/4x3/ 1 KB
999 B 61ms
61ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/assets/flags/4x3/uz.svg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/css/flag-icon.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a3658f5f45def0750a70247d604356ff4eba996b30aa23a657ac07044caed4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Jul 2020 07:13:44 GMT
server: cloudflare
age: 1018
etag: W/"5ae-5aa9de5b53a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Xna1Xn%2BnjPvp1uf5UjNLtRMxMRK%2FH8IXr4Fsqo4xmX4GDcq8yuCpVi5EGfYqGovzZS%2FYNGMlWfM9KMj%2BNhFPbC81C5PStTeDi9bKXCecBiZTYMU1%2FzM119EsTLfW1H2gMjDlBcfAPBlr8b4RHYkp5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6def0b5f9c229295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 134 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 19:30:15 GMT
x-content-type-options: nosniff
age: 61394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 19:30:15 GMT

GET
H3 200 fa-brands-400.woff2
galaxyfirmware.com/assets/fa/webfonts/ 73 KB
73 KB 19ms
19ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/fa/webfonts/fa-brands-400.woff2
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/css/icon.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c

Request headers

Referer: https://galaxyfirmware.com/assets/css/icon.css
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Nov 2019 17:51:00 GMT
server: cloudflare
age: 2113
etag: "1239c-59893fd400900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcMNv2ZcrnORhG%2FpwquZTKyE%2BxI1Crfg5FQHrJhRStWs4mlAOzDXXL5EFHtRVaSsCZNbPLbGQ8cdYMOHQHNAKdnhuk7VOFWGK1Ctb1LQvZNHVfTzOOGyl0jt9QAijMS0KJ6fxoTSMyV71so6hUXbP00%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6def0b5f9c2a9295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74652

GET
H3 200 fa-duotone-900.woff2
galaxyfirmware.com/assets/fa/webfonts/ 162 KB
162 KB 60ms
59ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/fa/webfonts/fa-duotone-900.woff2
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/css/icon.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae

Request headers

Referer: https://galaxyfirmware.com/assets/css/icon.css
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Nov 2019 17:51:00 GMT
server: cloudflare
age: 2113
etag: "28750-59893fd400900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiP684y%2FNvAK8lahL35qko220npMW8Jz%2FfhDEcKEVHO5JQYDQSKgNAeCLFvYeX%2FHGWGyV0yO2iRJ88CJetBp7JYuOjilXrabj3WC5psi4k5CxqeBEg7cCE3P32n96iVlHBd72F%2FMzH2k937MfGzS6fc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6def0b5f9c2d9295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 165712

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 130ms
44ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 19:31:15 GMT
x-content-type-options: nosniff
age: 61334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 19:31:15 GMT

GET
H3 200 fa-light-300.woff2
galaxyfirmware.com/assets/fa/webfonts/ 161 KB
162 KB 85ms
84ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/fa/webfonts/fa-light-300.woff2
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/css/icon.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f9936bcdcd5fd28c0f811afc230ba3c0253ba00284673299475e3c8aa43309f

Request headers

Referer: https://galaxyfirmware.com/assets/css/icon.css
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Nov 2019 17:51:00 GMT
server: cloudflare
age: 2113
etag: "28468-59893fd400900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxqNDG7mIsJjlgfMUj0HOUz4viMpidlCE6rRftYCM91%2FbS%2F2GJ%2BDKTQGssjpicaY5KQnfVnO1A4k7kMXKdqzEj06nOaA4a0hR%2B0kntZcrCWcr4rRd3BDIVp7ksBLroCypb2AialkXTo1fStSmFPQfpk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6def0b5f9c309295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 164968

GET
H3 200 GT-I9192.jpg
galaxyfirmware.com/img/webp/models/160/212/ 6 KB
6 KB 63ms
62ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/webp/models/160/212/GT-I9192.jpg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 252f5194bae9a7fda5883f708661b84c7c9fea73700459da8803bc50b9a97d07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5712
last-modified: Thu, 17 Feb 2022 12:33:29 GMT
server: cloudflare
static-cache: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FH8oslwxVNkvq5A874sqsjc2VVvN9HYRzjee%2Bc9Dr7ZdXCOR1ZjqDALiaJ1gStkvhUJ%2BFTnu06JqObg6ZjKuyfOjZ%2Bh6YibBWqvDAS0RtG0JHJWuAVyDFu2wn6n55ERCk%2B%2FO1JKbhIo2tETngKvMTAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5fdcdf9295-FRA
expires: Thu, 24 Feb 2022 12:33:29 GMT

GET
H3 200 ru.svg
galaxyfirmware.com/assets/flags/4x3/ 286 B
755 B 54ms
54ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/assets/flags/4x3/ru.svg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/css/flag-icon.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b51b57f63cf58e451abddeaee39a8c7b133cb3d58c6ef1a903883bda7c346b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Jul 2020 07:13:44 GMT
server: cloudflare
age: 1032
etag: W/"11e-5aa9de5b53a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Nssdat2k28CbTskIeVjtKGrzYIZIWtKW6W6rItt7cN3HsOVw7%2Fs1z79DpT6RYXGWFwfejyg0D%2FKd8xt%2FeC5D16GvXXYQE3ycv9joezQgOSJh2aUEzjsRHWOXJpF7XFLKi8%2Fx1WEUIXXYNUPwuZQwAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6def0b5fdce99295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 kz.svg
galaxyfirmware.com/assets/flags/4x3/ 11 KB
5 KB 55ms
54ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/assets/flags/4x3/kz.svg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/css/flag-icon.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8214283b99e5781396996fdfd84c551ea7ac15a248465ccbb9358b13373d802a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/assets/css/flag-icon.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Jul 2020 07:13:44 GMT
server: cloudflare
age: 1032
etag: W/"2c3f-5aa9de5b53a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5OdUbFZ2go6IVPY1B3CI867QjYT21BsHUbLLeZ5%2BFO6rZIb7%2BAvernIyvj1YuY4k%2Be3IfZfOzL3zghYQgpQA6jii91Yvvy6dereUeeoyJ%2BbRHLpVpVFw%2FNwZ0lsmwis9XsKNxxG2Tq6EIK6QM3mMJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6def0b5fdcea9295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fa-solid-900.woff2
galaxyfirmware.com/assets/fa/webfonts/ 120 KB
121 KB 53ms
53ms Font
application/octet-stream 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/assets/fa/webfonts/fa-solid-900.woff2
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/css/icon.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741ff0931a0d2097b2ecaa880274a38aa7766973adfe2ae84273641783cdce16

Request headers

Referer: https://galaxyfirmware.com/assets/css/icon.css
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Nov 2019 17:51:00 GMT
server: cloudflare
age: 1639
etag: "1e0b4-59893fd400900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpY9%2Bu%2BsvRIsrQmKZb6ewEiFRrJqWKHBB6f36ssLIL9ePmrtbuZ5SA5ioYTII8L5Uh1%2F%2BXTg4ug9FsdvapTOSPM2plweyMOjN9YKE%2BCE6%2F89Wi6xz8yizDRI5qoZzD%2Bp7YalSz3ROh8%2BW5HQnfOImY4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6def0b5fdceb9295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 123060

GET
H3 200 SHV-E370K.jpg
galaxyfirmware.com/img/webp/models/46/60/ 953 B
2 KB 129ms
129ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/webp/models/46/60/SHV-E370K.jpg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f12583b946e191f91315e922047a9137dba622805d13a3aece65b48fdf7167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
last-modified: Thu, 17 Feb 2022 12:33:29 GMT
server: cloudflare
static-cache: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWONgMXz6E1tUveBIHaoMZUtjaJq9NATTmIEJCF7%2Fi1DUVgpThD7xh84GzkRYiusRn10RDTEaBZIJldFuq0B1k3uPv0g%2BkI3M7%2BYGx%2Ftn8X2JChvcJSkhGlC%2BzWlUebaxKTsTaCOvxZf5jP%2F881WN48%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5ffd109295-FRA
expires: Thu, 24 Feb 2022 12:33:29 GMT

GET
H3 200 GT-I9197.jpg
galaxyfirmware.com/img/webp/models/46/60/ 953 B
2 KB 58ms
58ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/webp/models/46/60/GT-I9197.jpg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f12583b946e191f91315e922047a9137dba622805d13a3aece65b48fdf7167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
last-modified: Thu, 17 Feb 2022 12:33:29 GMT
server: cloudflare
static-cache: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DGJ1ss7jerrWSQ%2FedEfsrT0veUtERHJ8RXuxsldMt3nybJB%2Byg7FmMtxq%2FvpdOl1UHMSLd%2BTpdhC8zxU22Evh0FEJvfbv6oWmm6OF6IzX2kmo01HAS2DjuuZhqil90ExpIpxhAGz4uIgqtJgoKo8RA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5ffd199295-FRA
expires: Thu, 24 Feb 2022 12:33:29 GMT

GET
H3 200 GT-I9195L.jpg
galaxyfirmware.com/img/webp/models/46/60/ 953 B
2 KB 58ms
58ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/webp/models/46/60/GT-I9195L.jpg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f12583b946e191f91315e922047a9137dba622805d13a3aece65b48fdf7167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
last-modified: Thu, 17 Feb 2022 12:33:29 GMT
server: cloudflare
static-cache: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ts9WCQd71mZtNJUGJpNM%2B9Jv%2ByhFniwh0RrENQg07PyTiYQOLpmQP6fQLcjfJhYq%2FhXuTVN0qxlxTSxzZFssFmiK7uItKx%2Fbjk6GowW1d0vqG4Kme9jIP5%2F9ql0mstfxvUy736jMsChrwm1ktmjT4wA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5ffd1a9295-FRA
expires: Thu, 24 Feb 2022 12:33:29 GMT

GET
H3 200 GT-I9195I.jpg
galaxyfirmware.com/img/webp/models/46/60/ 953 B
2 KB 58ms
58ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/webp/models/46/60/GT-I9195I.jpg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f12583b946e191f91315e922047a9137dba622805d13a3aece65b48fdf7167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
last-modified: Thu, 17 Feb 2022 12:33:29 GMT
server: cloudflare
static-cache: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTgZ%2BqZMLC4Vm267fVZW5IbZ5g8DRJpJqpj76RSxrbDKbKIK8EEmXQt8muo%2FXH2TYEVYRPKjxJyEsNLd0lDuvh6gRsXNf4Z8UoHI2f6cf%2F4v9xCAEam8DoEqTKE%2FLYJV%2Fhbbvt6Hyfewa1%2FoK%2F%2FIL5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5ffd1b9295-FRA
expires: Thu, 24 Feb 2022 12:33:29 GMT

GET
H3 200 GT-I9195.jpg
galaxyfirmware.com/img/webp/models/46/60/ 953 B
2 KB 58ms
58ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galaxyfirmware.com/img/webp/models/46/60/GT-I9195.jpg
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f12583b946e191f91315e922047a9137dba622805d13a3aece65b48fdf7167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
last-modified: Thu, 17 Feb 2022 12:33:29 GMT
server: cloudflare
static-cache: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQOBBrok3PEIjZmi9k51GaijrxSSHhdMeSM%2BDZOCfnVHkaREGaQW5p8%2FD9Gl3Al%2FqIYKm8K7jzxrskm9LB7Khfptuw2PXihCL1q3TseEBNKrMOtgMNTmhRbZlCC4JA6MvPCQCzCEZtO0Puuy1gXGdRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6def0b5ffd1e9295-FRA
expires: Thu, 24 Feb 2022 12:33:29 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=12c2fa6a79664a7c628af443aeb05a21

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bf01602d5a31c4b86e65ab71bc587301bd2d266ba6271b584742ee999098563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://galaxyfirmware.com/
Origin: https://galaxyfirmware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aQIhQZzo8+Hq/d62PBl57A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 17 Feb 2023 11:47:41 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82175
x-fb-rlafr: 0
x-fb-debug: NN0f+1CeVSOBGmOxkNOF8QDVXGpvxEtsUEZjQK7LrTcUUwNrittZmOvXUhmIMtBthLsVus4aBybyfKOtNSJLyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 84979688ff9f9a39928c1b6cf789198c
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 12:33:29 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d85048dd32d3cf337c91668a9edefb20"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 cari.php Show response
galaxyfirmware.com/ 0
505 B 43ms
41ms XHR
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/cari.php
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/js/jquery-3.5.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MchuDK%2BLWu7mVbyFRKIaYR2YvSdrJVyXhHh%2BLOoba4AYzEIQZggEoM%2Fsi0LVThGYiQ%2BcmVCt4QCmx1is5hfnbi%2BrWjwhEgP%2B0abaDmaQWR16spnwVNeMi9Pf9zatxnfia8j1pCyd7Q3%2BFwCk4w8jZuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6def0b603da39295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 search.json Show response
galaxyfirmware.com/core/ 0
554 B 18ms
18ms XHR
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/core/search.json
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/js/jquery-3.5.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 11:58:16 GMT
server: cloudflare
age: 2113
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8%2FEI9BLw7huLMcj%2BdUtDGefwyoCeDh6pMiVd1mH3fKMTchzYrzI3W0rt18Ba%2BYt%2BC0iVjjemCIjudiWpNyBYwnBLOGCwhvNhg2belBeQW8grB8CDKIGq631fd8MyDUY%2BaoQBAJOeCn5skjUTEbGeVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6def0b603db49295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 search-reg.json Show response
galaxyfirmware.com/core/ 401 B
650 B 16ms
16ms XHR
application/json 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galaxyfirmware.com/core/search-reg.json
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/assets/js/jquery-3.5.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5348c4a451091156bd62f18ab99e5fc267021a56980110e8b55242fe6fec5fe

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 11:58:16 GMT
server: cloudflare
age: 2113
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ubn3jB8PANEovaegt9G85rkQsbX3YZi97WLToajovC4wxOHRGyWhMnFiOeoHSp8kOyJI8pa7ye%2BIepl2zBgWtl6kltZCPCRjVQ%2Beh4C1UyBCZvPPCgelK9Zulb3j%2FBt4l%2BO5tWr5Ue19KNEBmE7QS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6def0b603db89295-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2015629328680913&ev=fb_page_view&dl=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&rl=&if=false&ts=1645101209702&sw=1600&sh=1200&at=

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 17 Feb 2022 12:33:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76442928-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3516
date: Thu, 17 Feb 2022 11:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Feb 2022 13:34:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 104ms
60ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4536252381241562&plah=galaxyfirmware.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1da591e87cbbc5f95983323461d234b36877aba330c36c85b5431998254caa32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106771
x-xss-protection: 0
server: cafe
etag: 8749677517066642759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 17 Feb 2022 12:33:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220215/r20190131/ Frame 4771 10 KB
5 KB 126ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220215/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Feb 2022 16:02:06 GMT
expires: Wed, 02 Mar 2022 16:02:06 GMT
cache-control: public, max-age=1209600
age: 73883
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7022 42 KB
22 KB 107ms
57ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcE_bMZAAAAAFuYMvk8is_qOcpBs-_JWe6oRP0q&co=aHR0cHM6Ly9nYWxheHlmaXJtd2FyZS5jb206NDQz&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=normal&cb=x6evo9uyum0q

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd22f5ece98250ad96fc5d596ecf572ae950a0346517f8e3b91937e4308664d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7Vie02GHayKGf/N5b0Ygqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 17 Feb 2022 12:33:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-7Vie02GHayKGf/N5b0Ygqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22547
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 87ms
43ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=415705078&t=pageview&_s=1&dl=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&ul=en-us&de=UTF-8&dt=Galaxy%20Firmware%20-%20Samsung%20Galaxy%20S4%20mini%20GT-I9192%20(CAC)%20%7C%20I9192XXSCQA2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1830325040&gjid=108261607&cid=5713642.1645101210&tid=UA-76442928-15&_gid=1673864083.1645101210&_r=1&gtm=2ou290&z=1842635657

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galaxyfirmware.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://galaxyfirmware.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 7022 51 KB
24 KB 87ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcE_bMZAAAAAFuYMvk8is_qOcpBs-_JWe6oRP0q&co=aHR0cHM6Ly9nYWxheHlmaXJtd2FyZS5jb206NDQz&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=normal&cb=x6evo9uyum0q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 12:31:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 7022 357 KB
141 KB 105ms
58ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 12:32:13 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
650 B 131ms
47ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=galaxyfirmware.com&callback=_gfp_s_&client=ca-pub-4536252381241562

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4536252381241562&plah=galaxyfirmware.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

17e2cd2af5475990b6800e54ecbca7314099288d0b95e1fb73bd10d327ff0135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 136ms
48ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=galaxyfirmware.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galaxyfirmware.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&tn=NAV&cls=navbar%20navbar-expand-lg%20fixed-top%20navbar-dark%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4491 57 KB
14 KB 285ms
239ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&adk=1812271804&adf=3025194257&lmt=1645101209&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101209776&bpp=3&bdt=458&idt=186&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2814387080110&frm=20&pv=2&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ef08f62dcf2a8d012c2961fcebcea277d53b83659c3d78d32011fceca892c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Feb 2022 12:33:30 GMT
server: cafe
content-length: 14442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Feb 2022 12:33:30 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-76442928-15&cid=5713642.1645101210&jid=1830325040&gjid=108261607&_gid=1673864083.1645101210&_u=YEBAAUAAAAAAAC~&z=1247618439

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://galaxyfirmware.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Feb 2022 12:33:30 GMT
content-type: text/plain
access-control-allow-origin: https://galaxyfirmware.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 871C 436 B
236 B 265ms
229ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&slotname=1539757937&adk=496153447&adf=3243064002&pi=t.ma~as.1539757937&w=698&fwrn=4&fwrnh=100&lmt=1645101209&rafmt=1&psa=0&format=698x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101209779&bpp=2&bdt=461&idt=214&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=807YCtAbGW&p=https%3A//galaxyfirmware.com&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1db6b0996e11af9ec8e0bd9c47555bae61a1cfa028b7177d30e7d112e8f38f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Feb 2022 12:33:30 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Feb 2022 12:33:30 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 829E 436 B
235 B 279ms
264ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&slotname=7734322770&adk=2931471175&adf=2362057675&pi=t.ma~as.7734322770&w=730&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101209781&bpp=1&bdt=463&idt=228&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C698x280&nras=1&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=MkIQ1c8yiT&p=https%3A//galaxyfirmware.com&dtd=232

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0bcf47c7f336f2646d478cb56523e95162d38af1f74a72fa20c04010136ecee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Feb 2022 12:33:30 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Feb 2022 12:33:30 GMT
cache-control: private

GET
DATA 200
OK truncated
/ Frame 7022 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7022 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7022 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 149622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 22 Feb 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7022 15 KB
15 KB 86ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 156409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 17:06:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7022 102 B
134 B 48ms
48ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcE_bMZAAAAAFuYMvk8is_qOcpBs-_JWe6oRP0q&co=aHR0cHM6Ly9nYWxheHlmaXJtd2FyZS5jb206NDQz&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=normal&cb=x6evo9uyum0q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 17 Feb 2022 12:33:30 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C973 7 KB
1 KB 53ms
53ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6LcE_bMZAAAAAFuYMvk8is_qOcpBs-_JWe6oRP0q

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7713aaffa68d1bed72578eef36cd9e518407e8f02f2be354bb3b1d5fbae0db92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wp+k09XQQlv8Z/d9Id3zrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 17 Feb 2022 12:33:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-Wp+k09XQQlv8Z/d9Id3zrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame C973 51 KB
24 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6LcE_bMZAAAAAFuYMvk8is_qOcpBs-_JWe6oRP0q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 12:31:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame C973 357 KB
141 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&k=6LcE_bMZAAAAAFuYMvk8is_qOcpBs-_JWe6oRP0q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 12:32:13 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 150 KB
53 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1e3126869cdbe177fa1a26b1dfc6d47b13ff3755e5c118d5f0140f04dbfdf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54549
x-xss-protection: 0
server: cafe
etag: 14786564184353338186
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Feb 2022 12:33:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 100ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=galaxyfirmware.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 97ms
50ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galaxyfirmware.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87DE 32 KB
12 KB 256ms
255ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&adk=1414751727&adf=844121993&pi=t.aa~a.2585407270~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&to=qs&pwprc=2863713297&psa=1&format=350x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101210328&bpp=1&bdt=1010&idt=1&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46e804f4562efca5-2215decd45cd0001%3AT%3D1645101210%3ART%3D1645101210%3AS%3DALNI_MYf86XXTt5hngMlq0BrqPx8WvgHbA&prev_fmts=0x0%2C698x280%2C730x280&nras=2&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=bCGku3gU9c&p=https%3A//galaxyfirmware.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d62b7ffe4f1c0c0ff77d2ae43bafe85703607c6fe8493cf32ff22c020fd07c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Feb 2022 12:33:30 GMT
server: cafe
content-length: 12463
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Feb 2022 12:33:30 GMT
cache-control: private

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220215/r20110914/ Frame D625 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220215/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://galaxyfirmware.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Feb 2022 16:09:46 GMT
expires: Wed, 02 Mar 2022 16:09:46 GMT
cache-control: public, max-age=1209600
age: 73424
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7AD5 174 KB
53 KB 206ms
164ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg5AmgAA-I8Hg4jnAASyHtqX3ILGFsCKuE19TA&u=%7CJBtMYBYRISyOemet8GwOoy73zvsUJyJQeG2Z1NX7ERQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zlZt1y_ZbsEBOrMw6EvLaxGb6pTVjoR-sYU1ohWjHg09-sdXatFm-OWjjyZsrE5-kLw0uROukgrupqwam8BdFNL4c3ZTWgRwcUrxGVFQfKAA_fVuufc3X2GcVYyxxzqZFujjKEh8PZIA7ZFnSGK9v1HX0of-oALJBtVlAuHZ5V34LCVcYJpTDseh2EtgVFs7uEOhLV9iEQFSWbUdaN6IjdSa0fixDKjSX5SISuYuZCHDCNfJnoc_PdeSFMtce3qyr-arTSoIHuE_XEGge2dGKmcMEl4cI-a_vFdMHGAF_Ff3N58vP3cdKIxo-HF9s38z8dbgC_SiML49aCwn775iu7ta2SqLCuqQduAE324fAbV7DQ4UBrom1gx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNujmkAOYo_xA-eRjuwPnuSSoAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NTM2MjUyMzgxMjQxNTYyoAHVttLqA8gBCakCXO63EBcQsz6oAwGqBN0BT9AGqt_9HaDNMFMciITA4cFDvFA6_wuqol1lO_3uT5YKbGTEWozJj3IdvQAzT-mGXTx2kV1ybgb6Aja84LuACy_vryGrNqhj5wEt19CmonRcg2dYkBKMcctVG47uPWw-5guh1sdN2BbpGNB1OjWW9fSjuxQk5VQZ-5ba2C2jgAxL3sZdtUGooGAReNX5N8jvQVhNvcpKMrCtOEWnhky7Y-Cg9tPZLy_98RO2I4zkGSXOM5bYQVBMkGidepbTJSgrqL7GL5VifXpvqWd2YCkAllPMAUAtEy8WUNMXEQGABu254_fxrPujjgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23znf5JjetYQ1R_A3b9PZ7F4VFdA%26client%3Dca-pub-4536252381241562%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6fc51fb69b8103de49b4ce84672da41d491543171e057e0a2be445892e76fc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-izj9CTwT2uZk9assYQGTWzQ77nppHNmMS40efb3HzSy--Gr67qgOpTOAkgqG1UV3cNwwfvV1xPAA3I96eX620pspOPa_Us914Gs-GEaUlRllDChufbYzrbKuIMBVyMWjjd30ae5nzVKhLmXNpijpmvMxSEdWY_3AlO-oBvX_kwAYm72ij0-iphpSSLrX4CsHj7tGnAxTZIc85BngTXGl2T3J6ZP5O-auKW96LzncHg4UHBoa0aeQPBI9PLxUrFvD67GXA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 149916604
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/ Frame D625 2 KB
1 KB 129ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 12:26:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D625 124 KB
38 KB 875ms
784ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Feb 2022 12:33:31 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/ Frame D625 15 KB
7 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 12:26:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D625 0
0 112ms
111ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct36hmkAOYo_xA-eRjuwPnuSSoAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NTM2MjUyMzgxMjQxNTYyoAHVttLqA8gBCakCXO63EBcQsz6oAwGqBNoBT9AGqt_9HaDNMFMciITA4cFDvFA6_wuqol1lO_3uT5YKbGTEWozJj3IdvQAzT-mGXTx2kV1ybgb6Aja84LuACy_vryGrNqhj5wEt19CmonRcg2dYkBKMcctVG47uPWw-5guh1sdN2BbpGNB1OjWW9fSjuxQk5VQZ-5ba2C2jgAxL3sZdtUGooGAReNX5N8jvQVhNvcpKMrCtOEWnhky7Y-Cg9tPZLy_98RO2I4zkGSXOM5bYA1JtAu8S5oVsuTyIeINg15x2d8xlh3_01OE9MKFzH2w1loWSQ2yABu254_fxrPujjgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NTM2MjUyMzgxMjQxNTYyGAA&sigh=igoIvZsfXas&uach_m=[UACH]&cid=CAQSGwCNIrLMqyMLalYFxAwaZV5g2DcD-AJmlP2djxgB

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220215/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 17 Feb 2022 12:33:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Feb 2022 12:33:30 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame D625 0
0 53ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RO0HfJ2DYgICAAAAdCFIUXzGFWYQmEAOYiHpTPrkpL74BQPGABI&wp=Yg5AmgAA-I8Hg4jnAASyHtqX3ILGFsCKuE19TA

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 228415
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame EBFF 2 KB
3 KB 61ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gmca68tzhm1xkkj3pd2hcezq3wanm7pybeav1qg4fada4d304m2whgtg40pjtv5k37qk1gx2v4zx8pgcc0t90ahcycbccb57cd4jhqszamqt9f9g3md5ea9mg3y0p9y1ff4dftjjr4gfctf2439t93z2w3zqvqbqy4p6n8z9c35sk7a17nj399mpf7ma5asevnrf1q91gw8z98kvkbk40mdd7gd5j772evpv7an4w44s0r9dz77atcggve75s7w4jja970303fq41daj2127kxcs74w0cd93cs4m6z3y7fraf5j0hx5sypmx5rzft1cf7w3nnr1gyhta19e4be23w9x7bfwsrwjgxe24p6ywkqvk8q1mza56pr63cnz6ehytd2ngkxgx5hkgzt1hj2c2jm29jzwfnsbhjtkrt8ctpnr846wfdrwn3t04hs5vp7ztw9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%26client%3Dca-pub-4536252381241562%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&adk=1414751727&adf=844121993&pi=t.aa~a.2585407270~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&to=qs&pwprc=2863713297&psa=1&format=350x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101210328&bpp=1&bdt=1010&idt=1&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46e804f4562efca5-2215decd45cd0001%3AT%3D1645101210%3ART%3D1645101210%3AS%3DALNI_MYf86XXTt5hngMlq0BrqPx8WvgHbA&prev_fmts=0x0%2C698x280%2C730x280&nras=2&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=bCGku3gU9c&p=https%3A//galaxyfirmware.com&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbe5ba35d4d4065ff78a6a3d414e4ec11d8ec31cb37a6f5b6dbdeee7ddf289db

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6def0b66aae29079-FRA
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/ Frame B6AA 2 KB
1 KB 93ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 12:26:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FD8E 1 KB
749 B 36ms
36ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 16 Feb 2022 13:26:12 GMT
expires: Thu, 17 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 83238
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6AA 124 KB
38 KB 659ms
658ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Feb 2022 12:33:31 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/ Frame B6AA 15 KB
6 KB 88ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220215/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 12:31:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B6AA 0
0 47ms
47ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtcVKpflEhBq_ttv4VV2PuDrbWY1ZbjyRNBRwmgTnfSRmeuuRoJ1r4pvDFxH7neMfGHtczjgH5vBKBn_QVJgOiCyKZ8A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&adk=1414751727&adf=844121993&pi=t.aa~a.2585407270~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&to=qs&pwprc=2863713297&psa=1&format=350x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101210328&bpp=1&bdt=1010&idt=1&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46e804f4562efca5-2215decd45cd0001%3AT%3D1645101210%3ART%3D1645101210%3AS%3DALNI_MYf86XXTt5hngMlq0BrqPx8WvgHbA&prev_fmts=0x0%2C698x280%2C730x280&nras=2&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=bCGku3gU9c&p=https%3A//galaxyfirmware.com&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B6AA 0
0 113ms
113ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVA7smkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE3wFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnXzM7KuMQRZeCSJf2fZOU5EuVtdRppRnxznjYW4-ZRjCrjV4z0PpgAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NTM2MjUyMzgxMjQxNTYyGAA&sigh=hvpOjx9SQR4&uach_m=[UACH]&cid=CAQSOwCNIrLM5AB82wM8is-nBDLETor0Zm9cY5w8e83MkNJXVFIAuldEUuco0Feu9CTI96iLKwbmdQljPQC2GAE

Requested by

Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&adk=1414751727&adf=844121993&pi=t.aa~a.2585407270~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&to=qs&pwprc=2863713297&psa=1&format=350x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101210328&bpp=1&bdt=1010&idt=1&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46e804f4562efca5-2215decd45cd0001%3AT%3D1645101210%3ART%3D1645101210%3AS%3DALNI_MYf86XXTt5hngMlq0BrqPx8WvgHbA&prev_fmts=0x0%2C698x280%2C730x280&nras=2&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=bCGku3gU9c&p=https%3A//galaxyfirmware.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 17 Feb 2022 12:33:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B6AA 0
0 62ms
21ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j37pwadvrdrtfhnerpddehytgkdnxmxnjx8f349272d95vh7eekt5t7k61zxkah7e5mnydyyg2pqwbws7pmpb1rksa0926ez9qsrykes6r8ytbdhgaa638b4bac40qsspx2zbxfsmepe5zjy5nwvspvqj66zy50tp3w5mwaawnsk1ffp9jp6fv4m3f21txgbj8d1ngkmj2tdscw57n0tsrnv7yr4w4nwm6b2aknvvs4hhg5vyhpvqk9f0yg4f07ph98g0bbh8t3e5n8j95q5v2vq07e3mbz6get6d0c3q9cchzsp7s3cfvecqhvxk4v0w4ywc1q7sqk96gzrrc039dbcfbqxqavysbksbwvznfy60z8cqxesmgj80dkxrexkm1hbw0vb8swaeqcp9bm34pa87292cbknw&b=Yg5AmgAF6BoKmqxKAAA87uocMB_17eWr38s5BQ
Requested by: Host: galaxyfirmware.com
URL: https://galaxyfirmware.com/model/GT-I9192/CAC/I9192XXSCQA2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 17 Feb 2022 12:33:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7AD5 2 KB
1 KB 57ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yg5AmgAA-I8Hg4jnAASyHtqX3ILGFsCKuE19TA&u=%7CJBtMYBYRISyOemet8GwOoy73zvsUJyJQeG2Z1NX7ERQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zlZt1y_ZbsEBOrMw6EvLaxGb6pTVjoR-sYU1ohWjHg09-sdXatFm-OWjjyZsrE5-kLw0uROukgrupqwam8BdFNL4c3ZTWgRwcUrxGVFQfKAA_fVuufc3X2GcVYyxxzqZFujjKEh8PZIA7ZFnSGK9v1HX0of-oALJBtVlAuHZ5V34LCVcYJpTDseh2EtgVFs7uEOhLV9iEQFSWbUdaN6IjdSa0fixDKjSX5SISuYuZCHDCNfJnoc_PdeSFMtce3qyr-arTSoIHuE_XEGge2dGKmcMEl4cI-a_vFdMHGAF_Ff3N58vP3cdKIxo-HF9s38z8dbgC_SiML49aCwn775iu7ta2SqLCuqQduAE324fAbV7DQ4UBrom1gx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVNujmkAOYo_xA-eRjuwPnuSSoAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NTM2MjUyMzgxMjQxNTYyoAHVttLqA8gBCakCXO63EBcQsz6oAwGqBN0BT9AGqt_9HaDNMFMciITA4cFDvFA6_wuqol1lO_3uT5YKbGTEWozJj3IdvQAzT-mGXTx2kV1ybgb6Aja84LuACy_vryGrNqhj5wEt19CmonRcg2dYkBKMcctVG47uPWw-5guh1sdN2BbpGNB1OjWW9fSjuxQk5VQZ-5ba2C2jgAxL3sZdtUGooGAReNX5N8jvQVhNvcpKMrCtOEWnhky7Y-Cg9tPZLy_98RO2I4zkGSXOM5bYQVBMkGidepbTJSgrqL7GL5VifXpvqWd2YCkAllPMAUAtEy8WUNMXEQGABu254_fxrPujjgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23znf5JjetYQ1R_A3b9PZ7F4VFdA%26client%3Dca-pub-4536252381241562%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Feb 2023 12:33:30 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7AD5 2 KB
1 KB 46ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Feb 2023 12:33:30 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7AD5 308 B
636 B 43ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 12 Feb 2023 12:33:30 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 7AD5 507 B
835 B 54ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sun, 12 Feb 2023 12:33:30 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 7AD5 43 B
347 B 65ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=oNCDYjqIuRg9IBP6gwNPNSoSd0UHge6cNNx6Sq0F5J0zsxP1iIkqd41xndvqHlf63JlX5baJ8eMIpNKRcc6BS41besAeCxyfYl8fDYYeRSXLyOO4W8XsWPp-Ta_2sI086X2hOjABm00P9DzoPqSgjU2cwYS6DbBFDNKI687eCqVCimKaKw-CcL1E9cdWCr6hRywuzRCFPQspwkKwJsDsiOE2qe2ABZVlJhsD9Xw71sH6VvSPX9a9dTa1nd521q10sDPsRPt_iIwueFS4y2WZbpdWKTWKXmAzMSZqGtHRz1re9cRERpKRtnfz0aAWCeaXSS8osxMKfw2QqW8NLijGJ90dyV0wcDnlhPV-1_EQbY_IUrftEJlHwjJXnZTfBSGcz5M5j9mqEN0QHrE9ouIvGUW36lg9MtIsLfnnBTGMF83PNW-D5Nn_Vfk7hcw2gBcA5ZueWA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:30 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3383131
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7AD5 12 KB
5 KB 41ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 273145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p00uGLt9Duf4qrQtMy%2F5SJdqLy0NgKshR55XvaJtypNH2%2B2%2BeunAWpdAtHA2k2mUnfSZL7J0tlZySoooiuUPbBV92bra9rqjknJ7b%2BpqL6pwBne8D0IGTIJ9U9FV7mqS%2BrUA1tXaai0xBYDHWpPiEeAJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6def0b66fa179191-FRA
expires: Tue, 07 Feb 2023 12:33:30 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7AD5 12 KB
6 KB 37ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Feb 2023 12:33:30 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame FD8E 35 B
463 B 35ms
9ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENTBPZBBzcUTEKIi3EXpTz4&google_cver=1&google_push=AYg5qPIw34diS1b6q9cptw9ZKhheomBEzatiIc8Mfyf8y467v_QKFWuN2AxYt7W0TBlp5deoAEJRg_BwOpoctzr8F3ozF-5QTA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame FD8E 43 B
350 B 52ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESED6XuXDGtN1jsqQC2rn-4lc&google_cver=1&google_push=AYg5qPJYwHp_JG6Rc4417hm4y18q51f_jPqkQoM4s0_1tX8iQoVWS0BquNY_8iUuOk_N29sHVPthkWXM4hv5tnD4E4OC5C7FzHs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&adk=1414751727&adf=844121993&pi=t.aa~a.2585407270~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&to=qs&pwprc=2863713297&psa=1&format=350x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101210328&bpp=1&bdt=1010&idt=1&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46e804f4562efca5-2215decd45cd0001%3AT%3D1645101210%3ART%3D1645101210%3AS%3DALNI_MYf86XXTt5hngMlq0BrqPx8WvgHbA&prev_fmts=0x0%2C698x280%2C730x280&nras=2&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=bCGku3gU9c&p=https%3A//galaxyfirmware.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:29 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9qva141h05l13rfne1cika3j2ep4onbo

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD8E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jr9HtJajSvKw3ah02y5W4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jr9HtJajSvKw3ah02y5W4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKAEyroDomDD6Iva_kJSDTCFR1Cn5lhujXk07Q0oMVxg2XVhRq4Qs2rAgT-gzDd4jhFdq9FHXE7wmRB0pIdGr2zMZdvU1c

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Jr9HtJajSvKw3ah02y5W4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKAEyroDomDD6Iva_kJSDTCFR1Cn5lhujXk07Q0oMVxg2XVhRq4Qs2rAgT-gzDd4jhFdq9FHXE7wmRB0pIdGr2zMZdvU1c
date: Thu, 17 Feb 2022 12:33:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FD8E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBUvljGfle3YteGzaIr_CIk&google_cver=1&google_push=AYg5qPLu15U6S9eC5yd12l9hYP37aUlND9fukRb9oFUj9NWL-ss6g4Wr8VaIMSKS3iFKJjUHIie...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRWVNBNVEtMjgtQU8wRA==&google_push=AYg5qPLu15U6S9eC5yd12l9hYP37aUlND9fukRb9oFUj9NWL-ss6g4Wr8VaIMSKS3iFKJjUHIiehaC5WjaV5SOTm2SjBcgIgsVk

170 B
329 B

64ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRWVNBNVEtMjgtQU8wRA==&google_push=AYg5qPLu15U6S9eC5yd12l9hYP37aUlND9fukRb9oFUj9NWL-ss6g4Wr8VaIMSKS3iFKJjUHIiehaC5WjaV5SOTm2SjBcgIgsVk

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pRWVNBNVEtMjgtQU8wRA==&google_push=AYg5qPLu15U6S9eC5yd12l9hYP37aUlND9fukRb9oFUj9NWL-ss6g4Wr8VaIMSKS3iFKJjUHIiehaC5WjaV5SOTm2SjBcgIgsVk
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame FD8E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeW...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame FD8E 43 B
296 B 368ms
18ms Image
image/gif 2a05:d01c:1d8:8100:cf80:c203:5e45:e44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPOJU3stb14ZCDjLu7UlAP8&google_cver=1&google_push=AYg5qPLTuS-Lt2fBsqz0uHXjTmg6-h2surQuAGiFGBbf-5Mo0NRMr7iFmZmm95QDnMYcGelFP8C89awKMzBff3EkEf5b5nFL754
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536252381241562&output=html&h=280&adk=1414751727&adf=844121993&pi=t.aa~a.2585407270~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1645101210&rafmt=1&to=qs&pwprc=2863713297&psa=1&format=350x280&url=https%3A%2F%2Fgalaxyfirmware.com%2Fmodel%2FGT-I9192%2FCAC%2FI9192XXSCQA2&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645101210328&bpp=1&bdt=1010&idt=1&shv=r20220215&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D46e804f4562efca5-2215decd45cd0001%3AT%3D1645101210%3ART%3D1645101210%3AS%3DALNI_MYf86XXTt5hngMlq0BrqPx8WvgHbA&prev_fmts=0x0%2C698x280%2C730x280&nras=2&correlator=2814387080110&frm=20&pv=1&ga_vid=5713642.1645101210&ga_sid=1645101210&ga_hid=415705078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066433%2C31064748%2C31064781%2C31061829%2C31063246%2C44756431%2C44758226&oid=2&pvsid=847083389550889&pem=926&tmod=754769579&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=bCGku3gU9c&p=https%3A//galaxyfirmware.com&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:cf80:c203:5e45:e44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:31 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FD8E
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJZCMqFhAUXABAOZHXxTNW8&google_cver=1&google_push=AYg5qPLF3BsFjmMSkVOLw_O-...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLF3BsFjmMSkVOLw_O-SFtKdbQPfOXpXXKutL94WMwnhxMprhinHCL0X7w_i2PTNvkFurk5Tx_Vce_YdzFOVGhK8WH5aRvJ&google_hm=

170 B
232 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLF3BsFjmMSkVOLw_O-SFtKdbQPfOXpXXKutL94WMwnhxMprhinHCL0X7w_i2PTNvkFurk5Tx_Vce_YdzFOVGhK8WH5aRvJ&google_hm=

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:30 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLF3BsFjmMSkVOLw_O-SFtKdbQPfOXpXXKutL94WMwnhxMprhinHCL0X7w_i2PTNvkFurk5Tx_Vce_YdzFOVGhK8WH5aRvJ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 16 Feb 2022 12:33:30 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FD8E 0
223 B 132ms
46ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRMp_UUbQ0cxMon27I6QU7wOs71Pht9FYCbKcUIFbJapdxmMzGIjBF-oWxFi44N-bEP3OukQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame EBFF 81 KB
11 KB 47ms
30ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gmca68tzhm1xkkj3pd2hcezq3wanm7pybeav1qg4fada4d304m2whgtg40pjtv5k37qk1gx2v4zx8pgcc0t90ahcycbccb57cd4jhqszamqt9f9g3md5ea9mg3y0p9y1ff4dftjjr4gfctf2439t93z2w3zqvqbqy4p6n8z9c35sk7a17nj399mpf7ma5asevnrf1q91gw8z98kvkbk40mdd7gd5j772evpv7an4w44s0r9dz77atcggve75s7w4jja970303fq41daj2127kxcs74w0cd93cs4m6z3y7fraf5j0hx5sypmx5rzft1cf7w3nnr1gyhta19e4be23w9x7bfwsrwjgxe24p6ywkqvk8q1mza56pr63cnz6ehytd2ngkxgx5hkgzt1hj2c2jm29jzwfnsbhjtkrt8ctpnr846wfdrwn3t04hs5vp7ztw9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%26client%3Dca-pub-4536252381241562%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gmca68tzhm1xkkj3pd2hcezq3wanm7pybeav1qg4fada4d304m2whgtg40pjtv5k37qk1gx2v4zx8pgcc0t90ahcycbccb57cd4jhqszamqt9f9g3md5ea9mg3y0p9y1ff4dftjjr4gfctf2439t93z2w3zqvqbqy4p6n8z9c35sk7a17nj399mpf7ma5asevnrf1q91gw8z98kvkbk40mdd7gd5j772evpv7an4w44s0r9dz77atcggve75s7w4jja970303fq41daj2127kxcs74w0cd93cs4m6z3y7fraf5j0hx5sypmx5rzft1cf7w3nnr1gyhta19e4be23w9x7bfwsrwjgxe24p6ywkqvk8q1mza56pr63cnz6ehytd2ngkxgx5hkgzt1hj2c2jm29jzwfnsbhjtkrt8ctpnr846wfdrwn3t04hs5vp7ztw9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%26client%3Dca-pub-4536252381241562%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 787414
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 08 Feb 2022 09:49:56 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6def0b673f5f917a-FRA
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame EBFF 35 KB
13 KB 49ms
35ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gmca68tzhm1xkkj3pd2hcezq3wanm7pybeav1qg4fada4d304m2whgtg40pjtv5k37qk1gx2v4zx8pgcc0t90ahcycbccb57cd4jhqszamqt9f9g3md5ea9mg3y0p9y1ff4dftjjr4gfctf2439t93z2w3zqvqbqy4p6n8z9c35sk7a17nj399mpf7ma5asevnrf1q91gw8z98kvkbk40mdd7gd5j772evpv7an4w44s0r9dz77atcggve75s7w4jja970303fq41daj2127kxcs74w0cd93cs4m6z3y7fraf5j0hx5sypmx5rzft1cf7w3nnr1gyhta19e4be23w9x7bfwsrwjgxe24p6ywkqvk8q1mza56pr63cnz6ehytd2ngkxgx5hkgzt1hj2c2jm29jzwfnsbhjtkrt8ctpnr846wfdrwn3t04hs5vp7ztw9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%26client%3Dca-pub-4536252381241562%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5527
x-guploader-uploadid: ADPycdsr5n4kU1rNLkiSrbRzdMb-9DabWoAfQTOrTOqZ3NYXVgPrNi4N3t5dVkDjvEN376F-ekn4TmbIv9GEx6HzMco
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F27Hph7T63nIE1uvXcCDZ1Mo8eDr7pteAPnr%2F2lPjOQ4HlO6sT6k8PbEtzpx9jhTNMjM%2BNVxssJO3tVsW%2BDPuv1Vr5hmHeznAeQzDngPc469mbKlO%2FuEc0vXYd7IufWI%2FRNjlE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6def0b674c3a9079-FRA
expires: Thu, 17 Feb 2022 11:01:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 11 KB
11 KB 168ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=mhWwn-irkdD7mZLREJ1cecKL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29108326
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11345
expires: Fri, 20 Jan 2023 10:12:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 71 KB
72 KB 168ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1171331-_x600-nocrop.jpg&v=3&w=400&s=Y5vuG7UXsL2GLhQ9f1nDUk7w&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7f1f05b944164a16740a6b0e96aef23fd5a54abba0fdc286e4f93fe9dc47182b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29311300
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 72892
expires: Sun, 22 Jan 2023 18:35:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 104 KB
105 KB 215ms
62ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1169339-_x600-nocrop.jpg&v=3&w=400&s=LcZwwN_n9TFwKZOXyYe6P897&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c47f6416a1e7a3b94dae823315649210f4b53409b67cff267622ea6290fbf2c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29315286
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 106712
expires: Sun, 22 Jan 2023 19:41:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 66 KB
66 KB 211ms
58ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29303616
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 67290
expires: Sun, 22 Jan 2023 16:27:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 51 KB
51 KB 212ms
59ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1576361-_x600-nocrop.jpg&v=3&w=400&s=sjSDj2-02gVafAVQlCZwy9Hu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e062d591dbaad64e86a1ef761325acfa13fe93855eb99b82d60d4bc2b6676441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29276854
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 52346
expires: Sun, 22 Jan 2023 09:01:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 54 KB
54 KB 200ms
48ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1604246-_x600-nocrop.jpg&v=3&w=400&s=lKgDpIyiyMO5AN5djuLKz20g&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a3aba8dee63a3e91443ddce230696b802ae4db6e643f83ef6b370668211566b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29277708
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 54948
expires: Sun, 22 Jan 2023 09:15:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 36 KB
36 KB 59ms
59ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167921-_x600-nocrop.jpg&v=3&w=400&s=hHblame-SXXlAUOZTC8DW9Wl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0beafc5b9034b1c07d55ea2130782321336ae51296e1496f3667badf303c58de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29287346
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 36836
expires: Sun, 22 Jan 2023 11:55:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 73 KB
73 KB 60ms
59ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1614215-_x600-nocrop.jpg&v=3&w=400&s=9tc1S_NZxok-Ps5yzNphVZzD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c8dea690935fd751de3403813c2c0ef2a8750a9f7018fb3cf7093d4fbf3ff4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29266287
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 74376
expires: Sun, 22 Jan 2023 06:04:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 75 KB
76 KB 61ms
61ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1202677-_x600-nocrop.jpg&v=3&w=400&s=tYkdZa9Kjd4xHU6l4gUaSeeG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5706e805137fb4bfccbaf552023102107df9b9112e1fb6451df1815de4265214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29351021
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 77282
expires: Mon, 23 Jan 2023 05:37:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 69 KB
70 KB 61ms
60ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1505342-_x600-nocrop.jpg&v=3&w=400&s=y_I0QeVuEVk6-sf-LhLbZlUi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3a9972f17e1fa4c1e8b5f97afba242956ddea29fd7b10fc537eef1536bf05b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29300582
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 71142
expires: Sun, 22 Jan 2023 15:36:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 48 KB
48 KB 63ms
62ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1189896-_x600-nocrop.jpg&v=3&w=400&s=RZMjy6anbF33LCV44NwF0vZG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ac757b01fbe9f28a14bd20cfc9affa0e436eeacd86797cc86d0e2423d23ebeca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29288058
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 49250
expires: Sun, 22 Jan 2023 12:07:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 60 KB
60 KB 62ms
61ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1179675-_x600-nocrop.jpg&v=3&w=400&s=gMXnznk0LcUDOVOSywP4nPhn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3e343544e6783c0a3ede846c11831304383a537feb7752dd4f7c3781641f6775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29301294
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 60996
expires: Sun, 22 Jan 2023 15:48:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7AD5 58 KB
59 KB 64ms
63ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1425538-_x600-nocrop.jpg&v=3&w=400&s=X2bI7N7HJ_fCAswtXQvkWIwF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

87186f324986008cd8dd4ebab496af18db320fb78973a1ecfef73f0c229bc825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29291578
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 59716
expires: Sun, 22 Jan 2023 13:06:29 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7AD5 0
127 B 57ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=-izj9CTwT2uZk9assYQGTWzQ77nppHNmMS40efb3HzSy--Gr67qgOpTOAkgqG1UV3cNwwfvV1xPAA3I96eX620pspOPa_Us914Gs-GEaUlRllDChufbYzrbKuIMBVyMWjjd30ae5nzVKhLmXNpijpmvMxSEdWY_3AlO-oBvX_kwAYm72ij0-iphpSSLrX4CsHj7tGnAxTZIc85BngTXGl2T3J6ZP5O-auKW96LzncHg4UHBoa0aeQPBI9PLxUrFvD67GXA&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Feb 2022 12:33:30 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7AD5 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Feb 2023 12:33:30 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7AD5 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Feb 2023 12:33:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7AD5 2 KB
507 B 96ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 11:19:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 12:33:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 12:33:30 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame EBFF 3 KB
4 KB 69ms
37ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 17 Feb 2022 12:33:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2005492
x-guploader-uploadid: ADPycduIhf6Aoa-zYXwOHNffmEbLQvOYt0ueTKOpdiFQ7iUmgrO55IYYUZKQcPDDe0abKq2D7orBtIFsGTx_a-Nc2yE
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsQVEh4E%2Bk2Kk9XzY6eBQOaMexPVtCuU31xMJCcC5jKIn8TGLzqrscl3lLAOr1kb%2FUD054VO9g8RSn2o0ri70nKkp2TL9csom5F6mBqvEri%2B6ZGfkSEHpffdFQ28QeTCiAONEVzumoj5xegS6Q5Wkcft"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6def0b67bb4a916e-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 354C 2 KB
2 KB 18ms
18ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycds-8sQtq3wpa_8FZA4_lJm2l0V1rVRE94pQrLxNSzcoOyWFTKcSCQQ1tfbcjuocIbHYIVQdYrNUUHn7EVvK_wY
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
expires: Thu, 17 Feb 2022 13:33:30 GMT
cache-control: public, max-age=3600
last-modified: Wed, 06 May 2020 15:09:30 GMT
age: 2005492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIWxiohWw2pWhPOdF76sGD7YHXPkYHnoMjZ9TpSGV8ES59MuO5epqQqRfablRZ65cYzmAdIW1pmdrpKhvitTl7Wif16SkNqUUlT6vJ%2FvWZFh6itIfMFEwjmZjWlgDpqIi3uRmmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6def0b679846917a-FRA
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame EBFF 2 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a36b3c665f5a6086fe7209efa5ec64a7149d1b4b50d5b2311658afa03caa213

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6def0b6818899299-FRA
date: Thu, 17 Feb 2022 12:33:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzHQeynJuXFhPj9o3JpiSOIkrqXojiPcJf%2Fxcqa2DbtZs3US4CqTc2QsVUFWrGdUJJLACpksaIlUASQhA2neQcvIsYwIRP2xWqrxdwfg3eDfhJtPTYppIx4lwL%2BNRqv2TntL%2BPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-0d37

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 46ms
33ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-0d37
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqYvQZGhtLK4%2B96AJw7j6FqGIFNxpeC%2F%2FpGfKPdDTQ9lVqb1429WJPaAiHR0zI6y02n%2BrGBXEZSmiHhisCs6uyOHQK%2FJMT%2Fkn9vQfGsSVEEUueXRnFrS5botJ1lAcNScPeL0klU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6def0b67d8179299-FRA

GET
H3 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 7AD5 44 KB
44 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 60734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 19:41:16 GMT

GET
H3 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 7AD5 46 KB
46 KB 58ms
57ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 60734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 19:41:16 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 88D9 7 KB
4 KB 34ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4059b6e2c307b0dd09473cc5ca8efa85ebfca044c0ba041ce6b9126c7eef24b1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gmca68tzhm1xkkj3pd2hcezq3wanm7pybeav1qg4fada4d304m2whgtg40pjtv5k37qk1gx2v4zx8pgcc0t90ahcycbccb57cd4jhqszamqt9f9g3md5ea9mg3y0p9y1ff4dftjjr4gfctf2439t93z2w3zqvqbqy4p6n8z9c35sk7a17nj399mpf7ma5asevnrf1q91gw8z98kvkbk40mdd7gd5j772evpv7an4w44s0r9dz77atcggve75s7w4jja970303fq41daj2127kxcs74w0cd93cs4m6z3y7fraf5j0hx5sypmx5rzft1cf7w3nnr1gyhta19e4be23w9x7bfwsrwjgxe24p6ywkqvk8q1mza56pr63cnz6ehytd2ngkxgx5hkgzt1hj2c2jm29jzwfnsbhjtkrt8ctpnr846wfdrwn3t04hs5vp7ztw9g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%26client%3Dca-pub-4536252381241562%26adurl%3D

Response headers

date: Thu, 17 Feb 2022 12:33:30 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6def0b685aa4917a-FRA
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 88D9 81 KB
11 KB 38ms
38ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 12:33:31 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 787415
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 08 Feb 2022 09:49:56 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6def0b68aba4917a-FRA
cf-bgj: minify

GET
H2 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 88D9 15 KB
15 KB 29ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Thu, 17 Feb 2022 12:33:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308511
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdtZ9YEms1kkExdN5HN_qgg9dmdAx19Ju0cAGxozuoPWcUKAmOa1TukCx5tss7-pytfhFHZrXQ86HEqweuBbpz2orZYmjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTgEUudxCYWM%2FhZZdGR%2BWD7SHpOPdqoaRWu8O8bbD1CbsYeDkHFcvdFWamY5FO0KXuOqbxK9a4XfxpG6NonQBNDfYZAyYluYA%2BMAj0W98wa7jNh6caSxPCHdSF1I2Rd4DGrAiYSC5Ml3mjqI"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Fri, 18 Feb 2022 12:33:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 6def0b68bfa99079-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 88D9 382 KB
383 KB 28ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date: Thu, 17 Feb 2022 12:33:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308511
cf-polished: origFmt=png, origSize=588465
x-guploader-uploadid: ADPycdvV8dpg_Ti1LMCXz9ccLl_wH3gSl-WuoiUjIbaMVnRvyhHFcIc4orD66heXpHi3xA-efF4DmBqQVRjhmqzzepQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391402
last-modified: Fri, 22 Oct 2021 09:31:50 GMT
server: cloudflare
etag: "6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imMv0BhnnGGAOZ2oWCBppiu7Wi2zotxArbB%2BwaqqUBjftuXYmvxxRZERPwyj0dwinl4o24W%2FVgw7yHctya%2BY3DeA2r3GOQc7HbXJNB%2F7rVwm6tkPX7VyrWv7aUm5%2FuDqwGXSKwj%2B3EJZKWQQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634895110632642
content-type: image/webp
expires: Fri, 18 Feb 2022 12:33:30 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 588465
accept-ranges: bytes
cf-ray: 6def0b68af969079-FRA
cf-bgj: imgq:85,h2pri

GET

view.aspx
pb.media01.eu/ Frame 88D9
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATK...
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Ne...

0
0

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 88D9 18 KB
19 KB 41ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Thu, 17 Feb 2022 12:33:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 316984
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdutJMvqrCu-buRMAdSmDERvnSMXJ-WbTnIsXKXBbOu5g0ExMkHiDMGxYevjS_Q0mn8QqURBFeSxDaNhuJ-YgWhgQI2KQQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJGK1Y6JgciH47TP1u74tWq2C%2BQn1DKnIkdMtEcKZKyowWO9FBg87%2FPWfQIEWI1PULxKy0v%2B4Zqd%2B9jWBSsTe9SyGKpevfaVncNRX6Hpx0KuAOM4IG2ZetL%2Fp9HefYlb%2FQnOLv8pRCve6UR3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Fri, 18 Feb 2022 12:33:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6def0b68bfa09079-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 88D9 9 KB
10 KB 35ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Thu, 17 Feb 2022 12:33:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 353696
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycdtJZ7Ggiw7fs4Qn_wme1yXmo84hgw99HtB81FwgNluNqAAuQkUqyzuvFcos4APQbaDeiD8mk2sTz_gGEyu5I6Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ0l%2FtxdUfm%2B7CT1wpRUersRfjcJWOpesD2IAOUe9j7rnGzRyy7krPPOLqe5zwGajyAFWZNk46Y4oxYf4VSgG4WCwoMRq3URqc9FFdAH%2FG3Mxx%2BJSxEh5Sg%2FmW%2BqY066RLZGv3XLCSqB6Dxh"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Fri, 18 Feb 2022 12:33:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 6def0b68af9d9079-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 88D9 43 B
704 B 131ms
13ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneideYET3fVfxBVcjHZHet1teW3swSQT81s7Ewoneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Feb 2022 12:33:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 88D9 38 KB
38 KB 34ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Thu, 17 Feb 2022 12:33:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308230
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdtrIXyRtHkLItEelK1LvH4frUhii4O0YP-b12bNE8jDKNj_eHL9ISiCwThrEfURDDmP1wwxKcv7uTLCGZ85kfQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZc5IAXuU57Vj7q2ZeOYMb2EBS7LLWSa6EMkCK6TmCYom7SMRP3Jlcj5gDgZRoIEa%2FbJGxSL8zGe8rJ0U3AZzGELZNXpMCVrG51agbFodsMB0H5i4ejkp%2F1DzcYhjnSsi6FwJd0mZxSokeVX"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Fri, 18 Feb 2022 12:33:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6def0b68bfa59079-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 88D9 84 KB
84 KB 35ms
27ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Thu, 17 Feb 2022 12:33:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2005489
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdu4nh5obCsLLSKtVW321FZH20V_oHseo8WCszOV5QRZyn8AI_p2Ga8U-RQdTMLH3UX-cvFr--pvECd8J4wOD0A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzAnM5Na9qe6N6aV%2F03YthHXYNbpwsjmOdUp86AuuXAgjsjfctSiUcGld7cTEWX9uvOO3Iy85JOoYPdjazfcdqf%2BnsjlBZnzNKaIX9r%2FWznRJXxKKA759VV9HJ%2BwqouIpkWT80TdXQEnQTTe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Fri, 18 Feb 2022 12:33:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6def0b68bfa79079-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 88D9 1 KB
2 KB 519ms
406ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kgfw7xd0p0m162vxqamdv97sm0dwjyeq3gjjx6vdwae1rtj5yqvw6tr7sw7n3ebwqcwkycqk7nsctgkrtw4bf1qcv78cn6pqms4stqgdt49eew7e886e2r93d2bx7x6xp2wt485hq0k70hs7btm667bffg0bfjtha638m3jnm0533y11r4gq7t828syz93jwmdr866mpf9q4pwxfjkeaern2xbx4591kv9gxgk9qtt8wtj9ws9bahkf0y4h86zfvtxzh4497mmn6yyy2mfp65k17nw55da6wm1chjddbpj2vmf2x2dg%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATKREDIT
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: a38558d7c52df349e691153421e759f829967094fb2f8ed40c865ce3cd3825b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Feb 2022 12:33:31 GMT
Last-Modified: Thu, 17 Feb 2022 12:33:31 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1468
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B6AA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 165306881665788436fcfaa1f0ec24397511006feab6ce5521a80160b05adc1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D625 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75f414e7ad727cc129821943657bc50c4bcfbec2a6e10c1c2c988036d07436d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 88D9 51 KB
51 KB 53ms
10ms Script
application/javascript 18.66.248.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kgfw7xd0p0m162vxqamdv97sm0dwjyeq3gjjx6vdwae1rtj5yqvw6tr7sw7n3ebwqcwkycqk7nsctgkrtw4bf1qcv78cn6pqms4stqgdt49eew7e886e2r93d2bx7x6xp2wt485hq0k70hs7btm667bffg0bfjtha638m3jnm0533y11r4gq7t828syz93jwmdr866mpf9q4pwxfjkeaern2xbx4591kv9gxgk9qtt8wtj9ws9bahkf0y4h86zfvtxzh4497mmn6yyy2mfp65k17nw55da6wm1chjddbpj2vmf2x2dg%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATKREDIT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-39.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 22658
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Thu, 17 Feb 2022 06:15:54 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: QDdP9t5ht5dbkMT1X7AEoJ9UTH7uTW6NK8xYLkrTqyUdNMub16OVIA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 88D9 85 KB
85 KB 742ms
693ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuidcg5lha_vgUrU4nDlkOyEV1u6koM3AMBUasuid__suite_Netmix_Reach13_BlackFridayPush&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=300&d=250&e=9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0G&g=9f802af9841e6ff9ee516e4afb8cd83e%2F4777461285509095193&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1645101210914&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hcq24233w9a1hzdxjgx9gzac56dw4mqjj851m21x7m4q3xcex47vpw2eh28nja1geys716x0k04m95ahe2hqgbpsvv90vtt42v588q13w2jv7gk8behyw06t9918rmjttm1xtt3tgsvwp53ay6t8g78fcja9bcs2grh4jhjqjanw1t83q6xgd4c5fcmwtf6rpfzjrsxj5zkdkg6ytgt94vnaf8kd70gmdfdy0bxdqvwzxxncc8cw5wkvrw2xkeqr9q43v51ydj7qbwk6qh079fr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCND7TmkAOYprQF8rY6gTu-YDIA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ1MzYyNTIzODEyNDE1NjKgAcKu6N0DyAEJqQJc7rcQFxCzPqgDAaoE4gFP0Bx4dtBkqk2q7xTbzw360JiCjjlFpC9w8VR6Rc9KdwXX2DippmA7hrTziWtnAK1FpvElRpKX9WjS-X7tyvVe_XHjcQ0Hx4tU6cUakt06RXRpxXqrqvE3z4ew1KE9WDBZmh_87ug34sDy7SVWrV8aYIy2--AjmCD01WOU8jpMddM5G6VYWZGnNUsTNyybZOo_CkvxMGjRIFKhgp4rj9b-H3Lkr_y95D2SWMgNVjp4yjWCCvIF4_-xnT7OzTlbuJEewaUXTywHwWMXQt38rLp_GrkhKPzG8QbutuCkUAMhEHcygAbwsY3l9oi-7G-gBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0cNifDqmD__9aAKh3GZrz3t46JLA%252526client%25253Dca-pub-4536252381241562%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Feb 2022 12:33:31 GMT
Last-Modified: Thu, 17 Feb 2022 12:33:31 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7AD5 0
127 B 15ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Feb 2022 12:33:31 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 88D9 16 B
232 B 175ms
175ms Fetch
application/json 3.248.87.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-87-88.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Feb 2022 12:33:32 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 149ms
29ms Preflight 3.248.87.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Feb 2022 12:33:32 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D625 42 B
64 B 114ms
69ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKK-VZI5p_lAugPRfnTf1TwYvJPG_olOzgm9nJ1Miwrg96GmBfq3szROweVN-spda8FSwLsEonTKqhQQ9aLp1XTA&sig=Cg0ArKJSzGdaXMyHZY9xEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=685,1000,1000,1000,1000&tos=685,315,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645101210412&rpt=1004&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 12:33:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1

Domain: pb.media01.eu
URL: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuid9pbRyCbmQnV6_fdHZ3MJIVAImc0RWB0Gasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=981741&produktid=&dt_url=

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.galaxyfirmware.com/	1970-01-20 18:29:33	Name: _ga Value: GA1.2.5713642.1645101210
.galaxyfirmware.com/	1970-01-20 00:59:47	Name: _gid Value: GA1.2.1673864083.1645101210
.galaxyfirmware.com/	1970-01-20 00:58:21	Name: _gat_gtag_UA_76442928_15 Value: 1
.galaxyfirmware.com/	1970-01-20 10:19:57	Name: __gads Value: ID=46e804f4562efca5-2215decd45cd0001:T=1645101210:RT=1645101210:S=ALNI_MYf86XXTt5hngMlq0BrqPx8WvgHbA
.doubleclick.net/	1970-01-20 10:19:57	Name: IDE Value: AHWqTUkKVYh4M2MpBXCItQLdCoriJuzoQYIV7rhSXIqs_dVkVy6528KDSYgD-bPP51I
.quantserve.com/	1970-01-20 03:07:57	Name: d Value: EAYBCQG7JYEA
.quantserve.com/	1970-01-20 10:28:35	Name: mc Value: 620e409a-b3156-21b83-1d76d
.casalemedia.com/	1970-01-20 09:43:57	Name: CMID Value: Yg5AmtkuESuwOyqJEd6fGwAA
.casalemedia.com/	1970-01-20 03:07:57	Name: CMPS Value: 3269
.casalemedia.com/	1970-01-20 03:07:57	Name: CMPRO Value: 1117
.casalemedia.com/	1970-01-20 00:59:47	Name: CMST Value: Yg5AmmIOQJoA
.innovid.com/	1970-01-20 03:07:57	Name: uuid Value: 3a3704f7-d021-4ca4-805c-862aca430b52-20220217 07:33:31
.awin1.com/	1970-01-20 01:08:26	Name: awpv14098 Value: 412871\|1645101211\|d0948c20-8fed-11ec-b037-22389adc0a30
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 429086:2519498
.pubmatic.com/	1970-01-20 00:59:47	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 03:07:57	Name: KADUSERCOOKIE Value: 26BF47B4-96A3-4AF2-B0DD-A874DB2E56E3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yg5AmtkuESuwOyqJEd6fGwAABF0AAAIB&google_gid=CAESEAwrgLG7M2cMV7__YjyDVm8&google_push=AYg5qPJqKEZ9YHr_0KWToaRIhAJxmB2AxH8foh7fC6PNAmNQLeWAm9SPe_P3IV8jR5i1mRoaZkPMAkICq5OB4RoB0ZdACTLpjPM&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cat.nl.eu.criteo.com
cdn.trakteer.id
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
galaxyfirmware.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pix.eu.criteo.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.fr.eu.criteo.com
rtb.openx.net
static-de.ad4mat.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z-na.amazon-adsystem.com
cm.g.doubleclick.net
pb.media01.eu
104.92.94.3
141.95.157.215
142.250.185.194
142.250.186.66
143.204.95.64
178.250.0.139
178.250.2.148
178.250.2.150
18.66.248.39
192.82.242.209
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:3032::6815:26a6
2606:4700::6810:135e
2606:4700::6810:5e41
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:828::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9c
2a02:2638:1::11
2a02:2638:1::3
2a02:2638::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d01c:1d8:8100:cf80:c203:5e45:e44
2a06:98c1:3120::7
3.248.87.88
35.186.253.211
46.236.13.147
69.173.144.139
00f59da926d489e3ac5c881db1bd2699717b8b5106a9b7968dde2fa02d2c1f9a
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0beafc5b9034b1c07d55ea2130782321336ae51296e1496f3667badf303c58de
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12523501996e31c888ba97e221f91e2033222e7e7c7a21e1e755133f45646c7a
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
165306881665788436fcfaa1f0ec24397511006feab6ce5521a80160b05adc1d
17e2cd2af5475990b6800e54ecbca7314099288d0b95e1fb73bd10d327ff0135
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1da591e87cbbc5f95983323461d234b36877aba330c36c85b5431998254caa32
252f5194bae9a7fda5883f708661b84c7c9fea73700459da8803bc50b9a97d07
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
2679380b4144acfef1968f3057c17b78c28dcb394d0d1c084a029c5c09e418fd
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2a3aba8dee63a3e91443ddce230696b802ae4db6e643f83ef6b370668211566b
2b6064887ef3e3f56b479f8ea7f09711dd735504e5ba4f937ca2243eed79ca08
2bf01602d5a31c4b86e65ab71bc587301bd2d266ba6271b584742ee999098563
2bf96c66e3d73bb911bcd3f48515ec8856f9e08fad67a3006c1b2d0954d61cda
2d4aacc3985096be0319521b456d42c9cadcf05e76495054be1cfc661f0813ee
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3274465ad563e4b4b0eba51ca9905ceebc329ba0a276adc118c85c1d6a326d2a
3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3a36b3c665f5a6086fe7209efa5ec64a7149d1b4b50d5b2311658afa03caa213
3a9972f17e1fa4c1e8b5f97afba242956ddea29fd7b10fc537eef1536bf05b68
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3e1e107ee0cbb80dc4d09b1ad0c4889e3b7f5a18a3a67cb77394b0b8d32f1bb8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e343544e6783c0a3ede846c11831304383a537feb7752dd4f7c3781641f6775
4059b6e2c307b0dd09473cc5ca8efa85ebfca044c0ba041ce6b9126c7eef24b1
433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4bfe55163fe5f7b2b54961753a79ce8f5bd8d76886479e78be996177ef9a16a6
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923
51a9972c6f13b5510730dff6c349f812510c778b2f7722f00426c287246c50cf
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55e5d2d0c174ba4614b1c21afe5fbed21e5943768634928bb9c5e3ad0075a1f9
5706e805137fb4bfccbaf552023102107df9b9112e1fb6451df1815de4265214
5980c9242ef84464db5b59819ec2054be78b1582421cc09506d1659c39298e12
5b51b57f63cf58e451abddeaee39a8c7b133cb3d58c6ef1a903883bda7c346b0
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fc51fb69b8103de49b4ce84672da41d491543171e057e0a2be445892e76fc97
741ff0931a0d2097b2ecaa880274a38aa7766973adfe2ae84273641783cdce16
75f414e7ad727cc129821943657bc50c4bcfbec2a6e10c1c2c988036d07436d8
76a3658f5f45def0750a70247d604356ff4eba996b30aa23a657ac07044caed4
7713aaffa68d1bed72578eef36cd9e518407e8f02f2be354bb3b1d5fbae0db92
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f1f05b944164a16740a6b0e96aef23fd5a54abba0fdc286e4f93fe9dc47182b
81c0d705d39830242859e71362a824e8551972dc4b727675a1a3e03e3b02dc0c
8214283b99e5781396996fdfd84c551ea7ac15a248465ccbb9358b13373d802a
86f12583b946e191f91315e922047a9137dba622805d13a3aece65b48fdf7167
87186f324986008cd8dd4ebab496af18db320fb78973a1ecfef73f0c229bc825
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef08f62dcf2a8d012c2961fcebcea277d53b83659c3d78d32011fceca892c2b
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c
94773db8e4ed0417c38fd37dccafd6450b04f372f73c3e2b2a4336f56707dfb7
958e7aa4e2d41ed40b30c94045261cf89bb80d6ba02b0b99adad5d6138ecde7e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f9936bcdcd5fd28c0f811afc230ba3c0253ba00284673299475e3c8aa43309f
a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a38558d7c52df349e691153421e759f829967094fb2f8ed40c865ce3cd3825b2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5348c4a451091156bd62f18ab99e5fc267021a56980110e8b55242fe6fec5fe
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7
ab1a8b3aeb45ca24f505b2863f71e3e631c1ed63d5ba0036b77266ca265d95b1
ac757b01fbe9f28a14bd20cfc9affa0e436eeacd86797cc86d0e2423d23ebeca
b0b8f5b82a114265bffe5f2312fad5122548065df5f426e2a9caf64b0b019146
bac4ea004d72c2f74cb64b16cdd796cc3ef932c7c937487453bcb636d64bdcdd
bb74c24862d9504047c043881ea6ec701fcfdde2ed18619b3e7528be4b2e2aea
bce89e541124ba056e50879611618d51b440d8cdcc6a2d29efdc4c725b7c7e24
bd22f5ece98250ad96fc5d596ecf572ae950a0346517f8e3b91937e4308664d2
c1e3126869cdbe177fa1a26b1dfc6d47b13ff3755e5c118d5f0140f04dbfdf74
c47f6416a1e7a3b94dae823315649210f4b53409b67cff267622ea6290fbf2c6
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c8dea690935fd751de3403813c2c0ef2a8750a9f7018fb3cf7093d4fbf3ff4f6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d0bc4c2c15721f4ad16a47146e51c99571f8c365c5b5de1802f2cbc8a0db47a6
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d62b7ffe4f1c0c0ff77d2ae43bafe85703607c6fe8493cf32ff22c020fd07c5a
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e062d591dbaad64e86a1ef761325acfa13fe93855eb99b82d60d4bc2b6676441
e0bcf47c7f336f2646d478cb56523e95162d38af1f74a72fa20c04010136ecee
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e1db6b0996e11af9ec8e0bd9c47555bae61a1cfa028b7177d30e7d112e8f38f1
e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7437303df46a7ffd5bc94d07b13f07668ca4b25275584f7a55bf00be930355a
eacfa8f55b323cbd47190382a9851e359181aae709d172d52b4da9303e86c56d
ee18417467d85e39604946daafe734dd53e0fb4d89d21b0a3ed922449c50f9fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbe5ba35d4d4065ff78a6a3d414e4ec11d8ec31cb37a6f5b6dbdeee7ddf289db
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

galaxyfirmware.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

97 %HTTPS

67 %IPv6

31 Domains

44 Subdomains

40 IPs

6 Countries

3546 kBTransfer

6040 kBSize

16 Cookies

15 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

galaxyfirmware.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

97 %
HTTPS

67 %
IPv6

31
Domains

44
Subdomains

40
IPs

6
Countries

3546 kB
Transfer

6040 kB
Size

16
Cookies

149 HTTP transactions
6 data transactions