mail.nitrotech.info Open in urlscan Pro
104.218.53.78 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.nitrotech.info/
Submission Tags: phishingrod
Submission: On November 27 via api (November 27th 2022, 3:44:48 am UTC) from DE — Scanned from DE

Summary HTTP 282 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 48 domains to perform 282 HTTP transactions. The main IP is 104.218.53.78, located in United States and belongs to IS-AS-1, US. The main domain is mail.nitrotech.info.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 27th 2022. Valid for: 3 months.

This is the only time mail.nitrotech.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	104.218.53.78 104.218.53.78	19318 (IS-AS-1) (IS-AS-1)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
10	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.7.114 108.138.7.114	16509 (AMAZON-02) (AMAZON-02)
7	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	52.208.159.221 52.208.159.221	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
8 34	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
3 6	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
7 7	52.29.215.78 52.29.215.78	16509 (AMAZON-02) (AMAZON-02)
2 2	99.81.44.108 99.81.44.108	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
3 3	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	34.252.9.30 34.252.9.30	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.193.4 35.156.193.4	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
2	18.133.50.153 18.133.50.153	16509 (AMAZON-02) (AMAZON-02)
1	94.130.160.12 94.130.160.12	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.109 13.32.121.109	16509 (AMAZON-02) (AMAZON-02)
4	18.132.178.175 18.132.178.175	16509 (AMAZON-02) (AMAZON-02)
282	47

15 104.218.53.78 (United States)

ASN19318 (IS-AS-1, US)
PTR: loveintime.in

mail.nitrotech.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nitrotech.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.hooliganmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-114.fra56.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.159.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-159-221.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.185.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.84 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.29.215.78 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-215-78.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.44.108 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-44-108.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.237 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.9.30 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-9-30.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.193.4 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-193-4.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.239.217 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.133.50.153 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-50-153.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.160.12 (Karlsruhe, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.160.130.94.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-109.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.132.178.175 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-178-175.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 ad.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356	451 KB
56	googlesyndication.com a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 182 pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	296 KB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 16914 ad4m.at — Cisco Umbrella Rank: 5765 assets.ad4m.at — Cisco Umbrella Rank: 24714	2 MB
19	wp.com c0.wp.com — Cisco Umbrella Rank: 7538 stats.wp.com — Cisco Umbrella Rank: 3342 pixel.wp.com — Cisco Umbrella Rank: 2850 i0.wp.com — Cisco Umbrella Rank: 3604	371 KB
15	nitrotech.info mail.nitrotech.info nitrotech.info	155 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 332	323 KB
11	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562	9 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	351 KB
7	awin1.com 3 redirects www.awin1.com — Cisco Umbrella Rank: 10033	5 KB
7	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 381	3 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 12452 api.webgains.io — Cisco Umbrella Rank: 39757	62 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 63732 static-de.ad4mat.net — Cisco Umbrella Rank: 88290	12 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	2 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 276	5 KB
5	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 9114 api.viglink.com — Cisco Umbrella Rank: 15959	30 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	30 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	3 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 983	820 B
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 40023	71 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 30797	4 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1439	458 B
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 3093	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 373	798 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 652	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3136	792 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5967	647 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 866	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 865	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 876	807 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 411	921 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 871	1 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 23757	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5200	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	20 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 46156	640 B
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 82280	943 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 63865	517 B
1	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 1375	56 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1440	574 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 454	266 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 10838	553 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 926	191 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4274	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 956	465 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1193	280 B
1	hooliganmedia.com cdn.hooliganmedia.com — Cisco Umbrella Rank: 292805	191 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	43 KB
0	sonobi.com Failed sync.go.sonobi.com Failed
282	48

	Domain	Requested by
34	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
27	tpc.googlesyndication.com	mail.nitrotech.info googleads.g.doubleclick.net tpc.googlesyndication.com a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
22	pagead2.googlesyndication.com	mail.nitrotech.info tpc.googlesyndication.com ad.doubleclick.net a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
21	securepubads.g.doubleclick.net	cdn.hooliganmedia.com securepubads.g.doubleclick.net mail.nitrotech.info
18	assets.ad4m.at	as.ad4m.at
14	nitrotech.info	mail.nitrotech.info nitrotech.info
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com as.ad4m.at ad4m.at
12	s0.2mdn.net	mail.nitrotech.info s0.2mdn.net a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
10	www.googletagservices.com	mail.nitrotech.info www.googletagservices.com a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
10	c0.wp.com	mail.nitrotech.info
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	www.awin1.com	3 redirects as.ad4m.at
7	x.bidswitch.net	7 redirects
7	a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	i0.wp.com	mail.nitrotech.info
6	ad.doubleclick.net	3 redirects www.googletagservices.com as.ad4m.at
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	api.webgains.io	analytics.webgains.io
4	www.google.com	tpc.googlesyndication.com mail.nitrotech.info a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	mail.nitrotech.info
4	googleads.g.doubleclick.net	mail.nitrotech.info
4	api.viglink.com	cdn.viglink.com mail.nitrotech.info
4	fonts.googleapis.com	mail.nitrotech.info a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
3	static-de.ad4mat.net	as.ad4m.at
3	ssum-sec.casalemedia.com	3 redirects
3	prod-rtb.ad4mat.net	mail.nitrotech.info
3	onetag-sys.com	2 redirects a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
3	www.gstatic.com	mail.nitrotech.info a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
2	cdn.track.production.webgains.team	as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	track.webgains.com	as.ad4m.at
2	sync.teads.tv	1 redirects
2	a.sportradarserving.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	sync.1rx.io	2 redirects
2	match.360yield.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	r.scoota.co	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.conrad.de	as.ad4m.at
1	tm.simptrack.com	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	cs.emxdgt.com	a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	match.adsrvr.org	a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	pixel-sync.sitescout.com	a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
1	cms.quantserve.com	a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
1	prebid.a-mo.net	cdn.hooliganmedia.com
1	pixel.wp.com	mail.nitrotech.info
1	cdn.viglink.com	mail.nitrotech.info
1	fonts.gstatic.com	fonts.googleapis.com
1	stats.wp.com	mail.nitrotech.info
1	cdn.hooliganmedia.com	mail.nitrotech.info
1	www.googletagmanager.com	mail.nitrotech.info
1	mail.nitrotech.info
0	sync.go.sonobi.com Failed	a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
282	66

This site contains links to these domains. Also see Links.

Domain
nitrotech.info
hooliganmedia.com
www.racksandtags.com
bluebuzzmusic.com

Subject Issuer	Validity	Valid
nitrotech.info cPanel, Inc. Certification Authority	`2022-11-27` - `2023-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
hooliganmedia.com E1	`2022-10-30` - `2023-01-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
viglink.com Amazon	`2022-10-13` - `2023-11-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
simptrack.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://mail.nitrotech.info/
Frame ID: 00CD12178DCC21F27E48BAF455EBEB2B
Requests: 80 HTTP requests in this frame

Frame: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3EF38DBC367F246EE69977FA17D79633
Requests: 1 HTTP requests in this frame

Frame: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD33FDA1E77C08161107510FCCF02118
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNXjQymWg0D6u2pymS_xea5AWPK-5IpmkbGqoKPACBlbaWhLnVVNsxW10WzH7rYdnYFAuqOFyaGZ4QcFeqYzX4O9ZlkT_jiO5B8KYYl7Sh79gy4Ca_CzGPPxBMpMh3t18T02gDeKHg8fCizzXAsaQs7DzOfIZJ9zv6ouPhhjplx0V-1sg1RBJYQLH3NQTCRLumtXhg4y
Frame ID: 61684F38BE4D32E389F867FA2CC4792F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgbbWq0Ym-Q_DlTWxTtwB-Y9m5IjDj2_78W6yiR5vzGwePvzf41QJ0O35V8zAkYRK-se-FVdQ1WDP4X9xrGsqx8kvWswxTdz2Am6wwi8GSc3xA_Tfllvc8yOTTSpNc79rAPgVvv5eO6onQw0eZBAzVMinCr01lzEmfPAyP3sbiLSDLBNE&cry=1&dbm_d=AKAmf-C6KNfeKRYT18wziiPqRLdu5oBjwywNc3DYGYDZBmaoh0jFtcMjVS0jHyEhaTZyEmEsAvsoyjdHSDbm6Sdq8pvYXUkhfC5vRE7_f1hvxkiMSlnHqLDOXk2Kt1dEV3Ln2T54aPg2kkB-uf5WizT6Fp8fKwn48k_gQDQZTSVrFAZoFKh5m1PCGX54h4lX4C0hIeC-Hsw1I_BRweTxodGmnFBZ9xckeHhQLn-lESwDNsPKtHDYksr6slTym-j3x4o6b2TQ6_bL0OSUeC5-dldP97J_81tC1EJtrw2cvydva11bl6cmlQOwHM6XN2JC_sMuCg6lUYrFkGzp8RSIxVxVshlwaAMho2QhMttJYT_s53B5gSuTwJ0Po_rctx5EeoJSEjDzRyQQ1F04Tfp62tUZ5hIfvPYbzqqwtoTIA3G0V8iXx_S8gY95th1AmbTyJngZ9SAdJ6kGE_8a00evTKPjWZytbfUDkYE55RV5l0AuKOyCWNsdpGbMjauq_PuNDjWYysaKKN1PJpEB8-CcP_cvfZeJjiQDTj-Naye5xGO5QSO4YTRcXJDFpPqNwxB-iLHfukhg6wzYDlq1Pdn_z1i5ETodUB0ATLaekr0KHyy1TMaoQN-IlYoXsDqLebYAOpBV38nzMR89hxVWgxgx4W5099Cinkc-_UdGfBc9k649el4F3Xx3ECWHze9a3PD46f-BUcg9omVi8woIhaqeAdQgdUAB08KRGRIG_sraFzLLCiWfsQrRaPR7kVfz4xKjuaOrp24cOT5ppRvrMqFfO63riZwQjgIAQ0-o_Ryl4wC67yUYFOJ7IhKf4B6kedX2qrxuK0xYtxIVLBncyzlYVbQsOwCkfTvSpb6A_Ozn_V0-6kuMZoHujsLJD77iChJDpMLHyIcXq5BTrrmHg5gi7-tt8Z6gXCGDpvDZyH-lZXJbljta2vhGMsNQp2f9DImGYlNGFKVh-U8eX7DXiAeHKPgeM3Pki-5raYcjYdyyqRzcQqg8-hC_TYgSn0jsWoNHAhogBmERIkXB1HYdAYGe9DqqmgBY2K53c_XBceqa6fTxGr2G7S9bxuYADb1-j1MU8AxVOPSJ_HwQ743ufLzp3yp-CtE9bmr_YJsvkVsr6iKls8Cz5XxZQXTZzHAs4_QwLhqSaL5BJllue7MFJqBQil2_Go_YMUbR1D2DGJjs5k-6unu6Lb0-X57Y40FzLVz5uIWGIakxZFkW0KYkjsdYdY_yuXKdV9T6CFlUg1mXApCZ4AMGBRl55vjUdZJTxUSmkZXZYaNYt6DEdPfbsDtPWetsbBJQpUWtTAf2ziDy6PnJZDFdAXmvcnqpCZFJOBOKqh5pXfoNyIJ6-loLb2rC7TbxZ1s2KxLatMRxs9xw6giOVAzoDthVjXv0MW2eBc4HLTudOWSqC7qhUjrbrb65jgWaCT2dQxyCb27Yy8-zrMG7cO022gXloxGW3DYGqmgZbxlY_tEBGUugWjn0jY55ajCOZBMxY9dnRr-JtETHtpxFQhdczN12xv5pzvUkUZdaMjNyl8Nu_dHoTUc8eu9udYyDjwBpMvEg33zYFeP_6WX90e3JKDxYyIMuhAlIzNs3dC7qnTSNiq2xKjRneohppFDAEJ2olsHFCQKf5j4XMRIxkFew0fqvYnHEk6SBmeXixA6hAPHNX73jqW-wX5-shIUxZXEcGEyN88lg3o8jfC-Ao7keIIfmA3KvZowZSym-OcoIqLGD5IVdlrCyaQT_s6vBsJk4Aau1fcJvMGLPiKxDNaytpLKjNx2CGogQuFhUPNIOWQvZYVV2mndDX9xMmRXFRPa1-4jy4E2p5qztuMtAt55mw2dnPoBswuAs_ivrbDU3B-xNpolvYd_kB2N-XAQZBF-aSJt_EtCuHlmCzuBuyM7j76FZHnAf0-eCqMIKCp2RArMk198w8bHsWBfYUxW78TvH0uzew-aye4qTkl7aZTX_e049Vq8VuwRA-DgTj7gqQc2vxdAqn44tSBLfTlc0LVxrzN8XZSvLSa2wuW_hjzmiQ2eGtEd1jtfK0PLAVhI8mkx6Ykaoo0mPHSipNtFS1_bZJz-J5mn7Ojfd7GK825YPuDvzonYEMMAEqYkKujgutUPTt3qzhp12ebw29qUizFgpLBENJpUrbV2_KAKxog7cMwM9kx_cHHm2uxh4ENM7XLHDayBt_6l5EruzvOqCch8DZrq1Yld4gVAmHhWrbqKtS6kWv4ToVnxmqHdx98HcIKpReW8p6CMNx9_SqA-3mMhrhLWgXqyuCVXuDe4RRWo7R1DvIY6b4VcLP7l8rhad2_5XxAMCmHfsZYe9_9rcuJCLvpLo6P_l7sdMVlzFns_wshyDD5Lj1phhN31UV-3-3e4P9c7f_zSZsGZhcX1WJslTiSv3B9E9E1-Xk3CL8aV6b7Onobq-ZPlEBYlaXZS66YfNaa4LadU6DF3V-dXQ_STwlhYt71pfbI3VW6QZ5EWD83FTpdp6HTGhc1QyPFDAYhmhuajnpZBcvFKrPmqPehu5KpNae51TL_IIiVr4OFn9R0gpvSaovB9nRI_WjLiLOiwN2t_uWu69EBeM0OUZV40jh07acmXEfzc46d7DMBKimZ-MOK7z-39BZh_ocMFP4Iksw09jTs6S9PBjgiPy3qzx_ajuwJcGiLZrLLwdiBIeHh_cIwL2RaI1Om3rn8ioyy1P5-hMJBZSbM84QYzdtQDcQnlnu6lAnNe8Ws4rq_kUrtBbZBcTjab-8mMm3cTCdATL61Tkob_Hmt72rQFqDWZMK233cmHgkQsDWmhH50tWDLP5mSZmgbGe2_QRbwSTewfPlZSXhhij7nbLWZ0h6LYHcMmo7jTv1gUmMrVX2MV1gHrDZLwWFTHzh3QA0S9YcZJ4c5cnJgkxRDtLF_0V3vX1wwsqi-dCvgZCQAhGcAN-0MErYwlsgi3HnH1tAgdwG9Ly-NAy59Mw9ghc-6M62-QrRsf_cOwwq9AOpUOU4MbgEoSOD1AGEVx1Q86PSUfqVTabXZ_cyeKojc1WvqQAWINmyqLaSjPLYF7j7EilWHuoUOUMZAnY24CwPzc5HsDF63SgM-snDPZ1okNDF9-phkUKgPmWzLDiylpHyTkWt4unnao2QjpxBBR32rZOIyARDiTUmbanE1ys54rkbkcJtoojQWBXSXXRnlarh6fi5c59myvZk4kih36U8-Z0WsfnVCbOEApCi926bCXG2QajzoalHDccacuRvVLzuH5zjnWx3ndBhfRW4qHQz2ijeaahhkmVb2_TBcL6ht9Rbu-xSDVpClJ8XbII2_b2RvVWJktTqxkDyGeMyeUl72fOLu8XmzKQPibr5fOgv3OO6D7dkkjOk6FH1IZBGsvvFLy63BktHV5Nh8Dn4Ax4g0Sgr5uP2y6_rfP8sgVBPGfHUiO_0Rd3wpRAEmm_SKBLBh-O85M5YFZnM0zM8bLrXFC_WUT826IoaOBMqDyRjB6xSsoHnkuy3DOiHfFui7JKHWFHm9odTbnnhTw&cid=CAQSTADq26N9V2q5n0FB3NpIAB-j1IpjWPr4I2aNk2g5iO4eGkB1VQydm5G9bW0hOJxEoQFUYG160qjPwIB3jfFDUo5roN7tLumYExRq-AwYASAT&rfl=2%2Chttps%253A%252F%252Fmail.nitrotech.info%252F%240
Frame ID: 39EC7DF2A34937589793ABF868AD1680
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B025B22020D9C9AE6DABA070DAE654F8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B71CEFD9E353839464594C5C5446633
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
Frame ID: 3C5128C741E77B2755602B10D51E11AE
Requests: 5 HTTP requests in this frame

Frame: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3ECCC1D53BD4C05A240901DAD0D4A11C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8EF388CCB5C7A2586181EA386169DABF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 9724931CF4899F8FAAA8986F7ECB468E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 10E27D592C563D14441E8DA7BEB676C7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9390BFD4FD26D5FCF6C0E79CDC9EE1B
Requests: 2 HTTP requests in this frame

Frame: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0032D39B40CA6F2B8FFF41CC3E4FEA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNX9OJdDEf3CEcTM98DznarBC7DjNl04Zbfk_Yc-sIMKnQeJkEWLHWrdldyzgm22tBvRgkFbLf4kIs5F47FXZk0uOlGAOURDrNZVY2MPA3iyKRMcI08-bVNP-owXfg_jbWV4E51Tcg47QluEXAWo-MMfYXFrK0j688WOpWG_s6g1By6kWwd0H4IyUALLbxVckNbikjqy
Frame ID: B656084E913773917C40E2F2906D8AD6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwHpCvC5PtMvkEKpbLkahcWQgZ_msl8cYUUlLK8vA7-ANKiHrvTQOWJFU_XPUY0GwmP7SuiNvgRFwIkKy-a7DB2JPGiCJKpHsTiTIfsmiyA1DoE4rvh3scVpybPaoECB2I8U_MLh6ykiSV_bRD2U2puuAlrLMxEWD7kauhSBFcPWH3KVg&cry=1&dbm_d=AKAmf-CjopDiMK2HOjOJ0cjOpR3FlWaswJLhI6b00sHqbljZkzjliOM5NJ-SvtRYWo5uo-bs877ysw7Sq0lILgJzbgt5kazIwdIuLsaRfRTH3KNmC1qt6RoBPBbr86LHQ8_DWmLTsswJeTp1Ywn85Aq0Wn2rqJUfsUg56f_qNr32ruZOArmwkAT7mknefNoyOH7jQyiyaDr9h6YICLj7qd40kHAUtlbPpoB3oRPwR4OyoTFm5ANQ9oRIWvc2Nws0iz5F8Q6FZdXSDhhPI-4Wl1I0uRQTN9EBWuUwqviHZEg-1TUsM8R8XWG9VT8PS4w6NH7S_dIAGAdBcfrcJHcFasdKEPDp2AxI1dgNiv6dfKlSE_m44jSG3FAenGuZNNvmzudJxYAdV8tq-zoQE7Yc_skBePY57xtRzeiMAYJVndYwgFBiDRGdMIPNO8wfilN-0aR_r940rJJwtGsBiczUTZXBIKN1uRgevYvc14L7Wsj4xNW4VeSZQ_qnaI3Gsqvb_6P2KxocDh6ntQRpABfQt7Xt5lOUfastaXiU0VhRaSt7Mt07Omhy5-OYq-q3Lww4-lVp7oepZChFsrTlYXB31zJoy8b2Fo7bGccTp07uWI7oOmPThGI06GWS9ifWYlxmsBkVw5HnlX72cJOiNe-Q1uZLyZB-p9JsJSXLeC6yXbReXMFi0KrD1CBRpCnVLnbKjS6B0qrml8mQEni0gGfIZyi1KTRHpkHfbrclJM6HsUiCZWWm6YqEXWROFV6U4LSWYshJjJQoW9nzpgFif3nK0bPGyaKlqUOjdeNfD7YpiXzg4lP-gkkpAxsMoS0ZQrz8WYJnmj0MPzgCaGLgP5sFrHjn1rjufHL6oI1LkG2rv4bLveky-w0i10ZH5WzhDk0tyuwO855lnpEAW82FsB1RqkgIQfzPjW8rZuamHUnuAkeQDKG83o5F-Efl4UycBih4tCNnB3P7K484gyglVLlA703BOKmLIt2iZL7ulRHaGTUBjxW-Now_38KgAYNR212-g06fNpD4MYKCkCSH-GMeunPLLhAfjHYIJHFdtvLAnXOLoKSWb4tYXQTZK934Yh-MQ7WSTMiFfp7wK3iqvech_dSiKpOfSn--jatmV2ICBWuvbyOFUGELN766HCm8oQcDCa1A26ctu1wgMUrrWhGl2DevmBn_hyINWd0C_64qRGxXfsLvp31k6QX6IqPbJwa6nygmDRdovuKACt9oGZVy3LER0XTqE_Kl4J-iue6sGnwmDP53vuvewPouPU1D-XIH6S8Ahz7aopu22tj3mxz4HP8BKSqlLKbT7r5Fjv0L3UU2mjaMnyU_14K-o7_PkNBsHxfcrMe4MczhkdwEoyBmpoFWFRQ1Tp8GSsxMXekUFOpdzFchfmH3tPs4zl4H9uhNNI1AneeaKujJJRLU9Luawt4Ojr5ivKQNWn596cs1t4ddSZnfcdAzVwB-BPc_FqGWuA1TR_eONLi2reTey5r5H37CDfDMCFv2DYshTmaqzeipBfToa7AIgyy7Y5eOXxnbN6TMrBQ-Xq8qWlcP-Xj70sll_vOvKQ-FXljbtru5FOVUSTjYV1B4PzSUvWV2Q7Udd7imTXAZanLp1WMtGj4w5LF3QhYiTz0sKbxSpHnfnk2bbHlX5eY4MFqdzSCZV9d3ITEfwc1M6Z0KAJ5o4avWDay7gORVVREOvZlgvTkrMII-P55P3Cbv4yjupvf6ILzQlsrjM-6HK2U1wAlVIlJLIEhqeJbLbe2nZNxKNgoQJzdvmJ-mXl7LLgrLKEfJviEeRPb9iXrh8be0CIoxugzE7HGsoP7S5t3cFMh-rSoISd1KM1JTgYH8gr57IwZXJTQjNNfzEXiwNITBvsiTaDZ2yzq2GlihlfJ3bKs1mlXC07Os_fRtZ_XDkvDcQqdvXYpnQKPbXFJRkdR0fjeDChKeMBh26PZaql5bQWwSVlO_gc4Fj3uSVXbTdirP_6sHoJfDY0EUKW1zUIFDDG1VFjb7YHM7HCz_AmJhCehU73PKG6y7amRKgVG1FvgdNUWH4axdrEsEKnUUcAO_bLWSRjrDpLukBNEhEFeOHMlVLJPtOu_yjVVGtWieXwpSEyEYh6DaKmDxpbBDv3rNl-UAFohbA8hHjAtbx5pg7EpB2sSkv5_3ossYKL85hJLYue9M3BxDb5C-JU2sgUmPipepdFzP7JT7sCwG_Jbz2WbjyNDTUSdBEmlpYETv8cqKJIpWdJ46gHfIDBt8DTkKUfKtWDHq5riPq_E-6QP4qGZTCQV4be1ASqKHc4rFhzOBpgcxNSGd9u8Uf6co4ckr_LWM1ZvssApaD3YeTuk1PZku6TvAxGoDPKdyN07cw7t5AMJibDmSMWqyAuUsWMJP_VjlQsyNglt2BphUC4b0ESkskQ-kCdLF4FKEQ42LVmu7t_yxoqPoMtnOls3d3K_wVS0J6XAfG4huunH8JPuEAH_PdmZU4bkAmpkVht6xwoiD0u5bpB8mHbz-eW-kYSDIHzwG8lNyTTE2Iyw_Xn3MEnV773ys1d8uPFmVN5PE1VlMl-ZajnjXjKsVuNkBE4koKNCm9olSrmat7uleYBgY1yWgkbnWZV6uR33dRBKX-QDXTmMKr4aKJsTlg_ftQcvfo7jY615ha7xGoQEQfZZkCc0TiS2NNoCKhELssSMooScRZ06pudDSvOEXUy274L-whjxMqI2zFRPOiVGX3IBCAzn0Zd_axnRPmzOmIAkyMoglaVKLxF138H_Da_KuX_haQhde9ZUjfB4JhzSpd4oxf3uYzzlDpOtaiG1grBEBdhRBX8ysy7pP_y5vZ1DoD52rJqOq_ZOEYkBAp6VOkf6sct4Vym8UZJy-K0islPirb8xm0jQE0IpIyXZoP1ccdMXc0A-eDXK2EnI3qAiru-9PWVMOmY-UAeDQPyNJ_QQk0lnFIoXVTTSho1fFJIZs-Y1yYA9xbGKNgOkoBUFHZAWl8pKuzxMNPgaGgB2SOcbcO2torLW_9CRChx8okM0w3H1SqxcRZvAYwWR-Row9RQz1whr2_fm0JOW33Zj3goM22riqJV1yD1jBynsmjGIVv80J8xAdwf8lcDgFf66JsSVlLSPNiBKoD7DSNg6zXYHYSENJ5b808LB2EX3y9gt79QcKY1LRIMDX0PKcfUa-r1TOA0T8wG3Hc6q0MqR_tV52Uj6c_QzzHSXNq8WTim_uIM5S_b7ynFNFucXrfDi5YVCezCXsgZ9YETwskL9FnOr4FBY59sB-Sla-g0pA2_1z7sa2_hbZFp4v7mxXlOL3tiHGRYbom74VAmNyymomGkk_gfG8Q9QRWfwK9cDIODUdyD2qXjoyL7q6l91XoFMmmOBfv8fxNzFewFYQ8x9Cvcc_n7dfeuWKctTpoG_N6dZ1A144Uz9a3O20lXP26SZqpVQFlZNFSeS8QwZ9KkkuQHk7Dj0idSaZattoDK5Zn2KMlax9c8GA0dMr5I4MwUqrjK7gUw&cid=CAQSPADq26N9Zw4dTaMCN2QhQTRI4X5t6mN_fcpnzztIJnb1HUVgDSoipNREB_J86WXwXIDewtWsa52GEsQVThgBIBM&rfl=2%2Chttps%253A%252F%252Fmail.nitrotech.info%252F%240
Frame ID: 6DCBD7394EF77067725D67DC74BCF683
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6ECFA695EA6457ED7C552BB7BB427D58
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 71C8F03B2C5FA75E97D00935CD1D7F83
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 03DEEB582F2FD02B3727D0D37215EA47
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
Frame ID: CEA11AA7B49EA4E11CF5D248240F347A
Requests: 5 HTTP requests in this frame

Frame: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 003EF35EAA06D4D2E3EA2EDD631FFF76
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gdwvr8djap733x4bfnxs23q5dc87c3zbds5s4cbf31xcya6x6macjjrmkg7jk6nhbnr0panptzv9dxnc0nsdrrh29d4jrzzn2ncjkwvce6jx8sg24eznpv5z5rde1bpbk40bqd0znbsxh877w588xd9rq3cep0p5ephn2jk9j7wycb9r5r3rze518g4d85n700n9mverjxen021t8xy2he76g8naf4b8z070gfznp2rnnympeqbmrdhv47tt4t4qmmf8cvm81ckjy792p0dzqhdb8rdqa0fn2635kjpskvmzya9gxqymgddwq63467hcqp2861zbyf90ad8fxk833sasrp6wzjazd1wzkrwddt89f540npkqx5564vr37442pb44v3jx8cmkydmgn8br24k7ywh87v2yhppx8xks3nggdb7zvh7txbfpnwm7rtb9gmxeqnngc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%26client%3Dca-pub-8473763341054993%26adurl%3D
Frame ID: 98FE978F226DB50EFAE0EAF409C4E79C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03A4E0F75CBF989C5D6B5FF6E7FA5F40
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5B88BE4B8C0F88C63E905F201B819D30
Requests: 1 HTTP requests in this frame

Frame: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A4BCF2FBE3876CC57B4EFACAB02F6ED5
Requests: 8 HTTP requests in this frame

Frame: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 629E89BC45EE9775EFE8D31BCF482116
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hk76x43v1732qqyc5jkfe2qpkza2mppg0tmzp9fa1d9r78spp1rzt5k49xhsfwanc97tryt19cgzpvhakgb05ay04bppv9vzv75c1wzyf3wz0x7gtj0fr9n2hz23p0rsq1p9mj5f6k0b21h8cxna9avfmyzcwn3czfg7b4jg8fhrnr2zwjd7mypx5991b44ngyaw4k1dnnv89n3tfxtbr5gtegkrt32h59bhr2fswfhsspzg26gjdns44n8t4b00vej25bjamvzwezj8atgpryvw8wj9bqe3j46de7yc0j2603rs5fy5stz61khq728c6vc5e5gegtv1nz3kjz4zdk0q7dtxf3s8vbjhzsa0w1fzn6x58xdsb8e46tzgxpwmw0kjxp3d2f2r3mgrh2cr7hc1jtwq40aje6qp8zy5vyvkaa8fsbcysqexhvqyj01drm4ez092c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%26client%3Dca-pub-8473763341054993%26adurl%3D
Frame ID: 95BD8BA7929CCC78042D6B83780F2C0A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8CC904668AEE1EDB99D4637ED2688D6F
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k1rr6gjv92z35p8hkwvtawqpdytgk15qksyzcrnm5sy94ejn05m9197b9md32b0nq3kh6fp12svhr08k1hezgr39wdg0nr63v37b43enwv10jxn4dqpqgyd6btz21vwsr22015z1hnx9z0wcz1z1x4zy37y3tja197z2frc3apx9b7jfjqxtcfgg7xa5qbntbzdzbgmbqw6ebm9fxtaxz8jd9vfhbx4nhcx4761p9xv0wr8q3age95s453qqrw0xtbxgpgskp6v4p797rfb37mq7fjcz0kkx1mh1rd7h3bez078ceysdzyttjyv5ecgmx06wt7mvv9caq620z0khya35532jah7km8v1w5zh55s717xrs2f5fgd8ygnpmaxs46awm744h5zvwrwftq7757dxa8bpqsg24fhrv93vkw063b9pk2g7p2v4gt4h92x5zkg36qdbc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%26client%3Dca-pub-8473763341054993%26adurl%3D
Frame ID: EAC398098980CAF41A005762E17E8532
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A866526F5C7F6708703F593744BAA88F
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7445F35F814D6BD9AFBEA49481C2E5C8
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3D8EFED842F0548289C817986AC355FE
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Frame ID: 90D45D6C968659C33CED53DC081CDAAC
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Frame ID: 22803064E5D0167F4AF9B871A3B32C15
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Frame ID: 0B925A774E742D51BA2B5C77BE8E2C43
Requests: 11 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 18BAAC0D47B1D70AC899176000905D9B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NitroTech - Technology Guides For Windows And Android

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

282
Requests

85 %
HTTPS

35 %
IPv6

48
Domains

66
Subdomains

47
IPs

9
Countries

4665 kB
Transfer

8584 kB
Size

54
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://nitrotech.info/
Title: Home

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/computer/
Title: Computer

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/computer/problems/
Title: Problems & Solutions

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/computer/tips/
Title: Tips & tricks

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/computer/software/
Title: Software

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/computer/hardware/
Title: Hardware

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/computer/gaming/
Title: Gaming

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/mobiles/
Title: Mobiles

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/mobiles/howto/
Title: How To Guides

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/mobiles/reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/mobiles/apprecommendations/
Title: App Recommendations

Search URL Search Domain Scan URL

URL: https://nitrotech.info/category/mobiles/monetization/
Title: Monetization

Search URL Search Domain Scan URL

URL: https://nitrotech.info/about/
Title: About

Search URL Search Domain Scan URL

URL: https://nitrotech.info/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://nitrotech.info/print-poster-home/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/print-poster-home/#comments
Title: 1 Comment

Search URL Search Domain Scan URL

URL: https://nitrotech.info/game-window-mode-pros-cons/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/game-window-mode-pros-cons/#respond
Title: 0 Comments

Search URL Search Domain Scan URL

URL: https://nitrotech.info/force-window-mode-games-dxwnd/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/force-window-mode-games-dxwnd/#respond
Title: 0 Comments

Search URL Search Domain Scan URL

URL: https://nitrotech.info/force-window-mode-games-methods/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/force-window-mode-games-methods/#respond
Title: 0 Comments

Search URL Search Domain Scan URL

URL: https://nitrotech.info/what-is-ssd-what-are-its-advantages/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/what-is-ssd-what-are-its-advantages/#respond
Title: 0 Comments

Search URL Search Domain Scan URL

URL: https://nitrotech.info/top-affordable-ssds-2019-review/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/top-affordable-ssds-2019-review/#comments
Title: 1 Comment

Search URL Search Domain Scan URL

URL: https://nitrotech.info/hip-hop-apps-fans-rap-hip-hop/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/hip-hop-apps-fans-rap-hip-hop/#comments
Title: 2 Comments

Search URL Search Domain Scan URL

URL: https://nitrotech.info/top-usb-flash-drives-2019/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/top-usb-flash-drives-2019/#respond
Title: 0 Comments

Search URL Search Domain Scan URL

URL: https://nitrotech.info/enable-readyboost-unsupported-devices/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/enable-readyboost-unsupported-devices/#comments
Title: 1 Comment

Search URL Search Domain Scan URL

URL: https://nitrotech.info/increase-ram-usb-flash-drive/

Search URL Search Domain Scan URL

URL: https://nitrotech.info/increase-ram-usb-flash-drive/#respond
Title: 0 Comments

Search URL Search Domain Scan URL

URL: https://nitrotech.info/page/2/
Title: Older Posts →

Search URL Search Domain Scan URL

URL: https://nitrotech.info/go/interserver/
Title: <img data-lazy-fallback="1" src='https://i0.wp.com/www.interserver.net/logos/webhosting-250by250.gif?w=1200&ssl=1' alt='InterServer Web Hosting and VPS' data-recalc-dims="1" />

Search URL Search Domain Scan URL

URL: https://hooliganmedia.com/?utm_source=hms
Title: Powered by Hooligan Media

Search URL Search Domain Scan URL

URL: https://nitrotech.info/enable-readyboost-unsupported-devices/#comment-428
Title: Enable Readyboost In Devices That Are Not Supported

Search URL Search Domain Scan URL

URL: https://nitrotech.info/print-poster-home/#comment-401
Title: Print A Poster At Home – Tiled Printing Made Easy

Search URL Search Domain Scan URL

URL: https://nitrotech.info/chrome-tabs-reload-automatically/#comment-396
Title: Chrome Tabs Reload When You Switch To Them

Search URL Search Domain Scan URL

URL: http://www.racksandtags.com/guadalupeisimon
Title: Marylyn

Search URL Search Domain Scan URL

URL: https://nitrotech.info/hip-hop-apps-fans-rap-hip-hop/#comment-315
Title: Hip Hop Apps For Fans Of Rap And Hip Hop Music

Search URL Search Domain Scan URL

URL: https://bluebuzzmusic.com/
Title: Andy Bluebuzz

Search URL Search Domain Scan URL

URL: https://nitrotech.info/top-affordable-ssds-2019-review/#comment-259
Title: Top Affordable SSDs For 2019 – Review

Search URL Search Domain Scan URL

URL: https://nitrotech.info/our-webhosting/
Title: Our Webhosting

Search URL Search Domain Scan URL

URL: https://nitrotech.info/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://nitrotech.info/terms-and-conditions/
Title: Terms And Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4az6bTugXzieS4Ysv0i_M&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4az6bTugXzieS4Ysv0i_M&google_cver=1&C=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4LdKaqhx5T4mb9vCLk.8wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1&google_hm=2

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBkwHso3E0_8iuZVUIYJMhM&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4MTQ0NjA4Mzc1MTk1MDk1OQ%3D%3D

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4LdKaqhx5T4mb9vCLk.8wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1&google_hm=2

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIWFymkoYb3ciS5aBS2H0LE&google_cver=1

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4MTQ0NjA4Mzc1MTk1MDk1OQ%3D%3D

Request Chain 154

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvLFMU7KG2_yRbTxl9gsSk&google_cver=1&google_push=ASkJ3FY3Qe7qkX1pxh1HOoLrcJ8UpbOFOuAyc49YP8YbI0eVBAR10NsCRiWuOFsjE5dwiuG5xP_JQhrM1QFaZmLXfSdclD92EMI7 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIvLFMU7KG2_yRbTxl9gsSk&google_cver=1&google_push=ASkJ3FY3Qe7qkX1pxh1HOoLrcJ8UpbOFOuAyc49YP8YbI0eVBAR10NsCRiWuOFsjE5dwiuG5xP_JQhrM1QFaZmLXfSdclD92EMI7 HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=5eb5cbf2-f9e4-4aeb-87cb-3f2dedae76db&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FY3Qe7qkX1pxh1HOoLrcJ8UpbOFOuAyc49YP8YbI0eVBAR10NsCRiWuOFsjE5dwiuG5xP_JQhrM1QFaZmLXfSdclD92EMI7&google_hm=tJ5iRnVdTsavYQH1A8YElA==

Request Chain 155

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOFBCYdwhIjarE3QaQq9kJY&google_cver=1&google_push=ASkJ3FavnHMPzJVCpMbaUPxcgl88XHKyOXTDPi1Q1F8Lz1V2PjXbtQHiBrxyPGbiHwkQhP6L4ZIaU-RwjHB-mnL-QzdBdP97tj8 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOFBCYdwhIjarE3QaQq9kJY&google_cver=1&google_push=ASkJ3FavnHMPzJVCpMbaUPxcgl88XHKyOXTDPi1Q1F8Lz1V2PjXbtQHiBrxyPGbiHwkQhP6L4ZIaU-RwjHB-mnL-QzdBdP97tj8&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ALOZU2DRTYGUV2MEJMNPwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FavnHMPzJVCpMbaUPxcgl88XHKyOXTDPi1Q1F8Lz1V2PjXbtQHiBrxyPGbiHwkQhP6L4ZIaU-RwjHB-mnL-QzdBdP97tj8

Request Chain 156

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIXpQDMfJNCQOzz40bZrYlE&google_cver=1&google_push=ASkJ3FayNhm1CXEM2SQohR5zI51EIIAHz0ClIINHZ9Z11kgnxUbP1y1S29nP-u9goWugUNB-HHyhxeRfcZd-2kZPcc3fic7SWC3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZVElCQkwtMUotSVNBUA==&google_push=ASkJ3FayNhm1CXEM2SQohR5zI51EIIAHz0ClIINHZ9Z11kgnxUbP1y1S29nP-u9goWugUNB-HHyhxeRfcZd-2kZPcc3fic7SWC3D

Request Chain 157

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECwIChAqXSrx9cZYp9bU8zI&google_cver=1&google_push=ASkJ3Fa_z36IX6pU9N1XbR8EDU8wQKYn9SMIKFwYQXEwLrNKgUAzS2wVnZlqBt9Xzxb7CZfcCf1rowMEIdcQtII2w_z-LVpIFBla HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fa_z36IX6pU9N1XbR8EDU8wQKYn9SMIKFwYQXEwLrNKgUAzS2wVnZlqBt9Xzxb7CZfcCf1rowMEIdcQtII2w_z-LVpIFBla HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 180

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_cver=1&google_push=ASkJ3Fb4KNRBp09AXcSDc5RpG62A0eHDsOTnnUfuBWU_HU6s5tKjCR1AqqQ-b-vEIXd8s47S9SGO4A_U0aJPeOJaGVORolKoihQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_push=ASkJ3Fb4KNRBp09AXcSDc5RpG62A0eHDsOTnnUfuBWU_HU6s5tKjCR1AqqQ-b-vEIXd8s47S9SGO4A_U0aJPeOJaGVORolKoihQ

Request Chain 181

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFUHk0so9ChU9_BYV1Q51HI&google_cver=1&google_push=ASkJ3FYAjGj2qJGSIOohNKSQWTcvi1UrQfYABv0a2zzejztJ90jIyXLjVa29RzI8RhAlcn6QORh7Q2L4E4cIB-0baWW08-f7Bz4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=d-8hVuoITIOY5BnEidXelg2&google_push=ASkJ3FYAjGj2qJGSIOohNKSQWTcvi1UrQfYABv0a2zzejztJ90jIyXLjVa29RzI8RhAlcn6QORh7Q2L4E4cIB-0baWW08-f7Bz4

Request Chain 182

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvLFMU7KG2_yRbTxl9gsSk&google_cver=1&google_push=ASkJ3Fanv_WkRWW6gH48Plz123zvDwiQpCq9zKiUy-csYfb2TVPjAAc4qlO8j5Pdp4PWpw7HOCrFpWz9NEkc9fdAq0da3pbIKcc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fanv_WkRWW6gH48Plz123zvDwiQpCq9zKiUy-csYfb2TVPjAAc4qlO8j5Pdp4PWpw7HOCrFpWz9NEkc9fdAq0da3pbIKcc&google_hm=tJ5iRnVdTsavYQH1A8YElA==

Request Chain 183

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDJsCae0p0GV-jZHMdX38iA&google_cver=1&google_push=ASkJ3FbiDQjDqnYR3KdIkDwS95Wm4VFNSEZVKZTl75OouZ4YZMWF7V7ppZMs8UUqk4rHtVEq5gKzBtswN4oF-Dt5QGf0q9GU1g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDJsCae0p0GV-jZHMdX38iA&google_cver=1&google_push=ASkJ3FbiDQjDqnYR3KdIkDwS95Wm4VFNSEZVKZTl75OouZ4YZMWF7V7ppZMs8UUqk4rHtVEq5gKzBtswN4oF-Dt5QGf0q9GU1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzI4ODIzMzk3Mzc2MDk1Nzc0NQ&google_push=ASkJ3FbiDQjDqnYR3KdIkDwS95Wm4VFNSEZVKZTl75OouZ4YZMWF7V7ppZMs8UUqk4rHtVEq5gKzBtswN4oF-Dt5QGf0q9GU1g

Request Chain 184

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIXpQDMfJNCQOzz40bZrYlE&google_cver=1&google_push=ASkJ3FYPw438gSngFIA0tyRY2ViicKsieR2oejOmilhCRB0EucvNzJXW9bemQkRpZ9UiQKAcYuS8Pa8uKIzn9jGcI9E8D1RQoHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZVElCWkEtMUYtODc4MQ==&google_push=ASkJ3FYPw438gSngFIA0tyRY2ViicKsieR2oejOmilhCRB0EucvNzJXW9bemQkRpZ9UiQKAcYuS8Pa8uKIzn9jGcI9E8D1RQoHc

Request Chain 185

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_cver=1&google_push=ASkJ3FZvgXngVfp66H0jQzHdKrAOqNi70BD0-ZeX3n32c5PRFjDtEQxdj8DVbJTVzliGNnSwaeq68t4de3Wu6xSw_TqJNZetYdU HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FZvgXngVfp66H0jQzHdKrAOqNi70BD0-ZeX3n32c5PRFjDtEQxdj8DVbJTVzliGNnSwaeq68t4de3Wu6xSw_TqJNZetYdU

Request Chain 186

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDcGgwna-qLd6H-xEnx4y-o&google_cver=1&google_push=ASkJ3Fb7PKGYkMna8n0ffjYoqtUWsGgQtAYaYksZQU2UmxgN_oruwHdjgDLYaNzL0E63zxRG6pI6ZRPqke6_tZoqHqrpu9CvjtY HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDcGgwna-qLd6H-xEnx4y-o&google_cver=1&google_push=ASkJ3Fb7PKGYkMna8n0ffjYoqtUWsGgQtAYaYksZQU2UmxgN_oruwHdjgDLYaNzL0E63zxRG6pI6ZRPqke6_tZoqHqrpu9CvjtY&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fb7PKGYkMna8n0ffjYoqtUWsGgQtAYaYksZQU2UmxgN_oruwHdjgDLYaNzL0E63zxRG6pI6ZRPqke6_tZoqHqrpu9CvjtY&google_hm=FuCAuGZHjKsKXzj2QrCLdslB

Request Chain 216

https://d5p.de17a.com/cookies/google?google_gid=CAESEOawo1jFoIQumvzUAAxOY9I&google_cver=1&google_push=ASkJ3Fb46CwNQivCHU19nXsie_v9fkV_rjD5NpR0XK9ZL3qNaOv9KD6VI04xJCslgPmijjvRdomXIVw4-gJ_Fl5AIb6YS8KHcy_j HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOawo1jFoIQumvzUAAxOY9I&google_cver=1&google_push=ASkJ3Fb46CwNQivCHU19nXsie_v9fkV_rjD5NpR0XK9ZL3qNaOv9KD6VI04xJCslgPmijjvRdomXIVw4-gJ_Fl5AIb6YS8KHcy_j HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fb46CwNQivCHU19nXsie_v9fkV_rjD5NpR0XK9ZL3qNaOv9KD6VI04xJCslgPmijjvRdomXIVw4-gJ_Fl5AIb6YS8KHcy_j

Request Chain 217

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_cver=1&google_push=ASkJ3FYuWktyO7CTUjcVpNq33NdsAbiiF2N1sgbnvdkh6ks7fVJI77ccGcwDY0qOsHDBWds9jA-lswT-fA3uQkNZvvsEU1UqVNni HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FYuWktyO7CTUjcVpNq33NdsAbiiF2N1sgbnvdkh6ks7fVJI77ccGcwDY0qOsHDBWds9jA-lswT-fA3uQkNZvvsEU1UqVNni

Request Chain 218

https://match.360yield.com/match/ebda?google_gid=CAESEHJMyYdHrU-Lj4DliWJEORo&google_cver=1&google_push=ASkJ3FY7QMvKmbewPapxEYMRLeBPVoz62wOUljdKQ-S_W6_0RiSiC5rdITTVpAJXizorbuZsmh2UTk3HzlEvh7hlhtwXk9ZQmjA8 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHJMyYdHrU-Lj4DliWJEORo&google_cver=1&google_push=ASkJ3FY7QMvKmbewPapxEYMRLeBPVoz62wOUljdKQ-S_W6_0RiSiC5rdITTVpAJXizorbuZsmh2UTk3HzlEvh7hlhtwXk9ZQmjA8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=70Cr9FXORbedxbRx56W9VA&google_push=ASkJ3FY7QMvKmbewPapxEYMRLeBPVoz62wOUljdKQ-S_W6_0RiSiC5rdITTVpAJXizorbuZsmh2UTk3HzlEvh7hlhtwXk9ZQmjA8

Request Chain 219

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDqXYWEmjQiQFRDDgNfIWbA&google_cver=1&google_push=ASkJ3FaB02CPCJrxnGkRMNr1G56wnmvgK0q8pt1iclAl93uPkHEiQtrpF9ZKwahv_xWNUo9Z-z8IX2RacffJYBMfBd2rHuI1zVeN HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FaB02CPCJrxnGkRMNr1G56wnmvgK0q8pt1iclAl93uPkHEiQtrpF9ZKwahv_xWNUo9Z-z8IX2RacffJYBMfBd2rHuI1zVeN&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1669520684006 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-10d3684b-96fe-4865-8363-6e807aca9b6b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FaB02CPCJrxnGkRMNr1G56wnmvgK0q8pt1iclAl93uPkHEiQtrpF9ZKwahv_xWNUo9Z-z8IX2RacffJYBMfBd2rHuI1zVeN%26google_hm%3DAxDTaEuW_khlg2NugHrKm2s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaB02CPCJrxnGkRMNr1G56wnmvgK0q8pt1iclAl93uPkHEiQtrpF9ZKwahv_xWNUo9Z-z8IX2RacffJYBMfBd2rHuI1zVeN&google_hm=AxDTaEuW_khlg2NugHrKm2s

Request Chain 220

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAdIyUWXHU9zT_MIFMFUytA&google_cver=1&google_push=ASkJ3FZl5zVb4JQ9S9rJ0XOEhGkMIBlxbLFErzpodtlab4fHFAPJvtVCMpK7oAR0snFz3Vn2OT2LJtnayW7OQCpzYUxUOXsaP3ja HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAdIyUWXHU9zT_MIFMFUytA&google_cver=1&google_push=ASkJ3FZl5zVb4JQ9S9rJ0XOEhGkMIBlxbLFErzpodtlab4fHFAPJvtVCMpK7oAR0snFz3Vn2OT2LJtnayW7OQCpzYUxUOXsaP3ja&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HQkZnZUdaRTJ1SHVrakc0anZVVDBjNXdWZXo2ZGhNTn5B&google_push=ASkJ3FZl5zVb4JQ9S9rJ0XOEhGkMIBlxbLFErzpodtlab4fHFAPJvtVCMpK7oAR0snFz3Vn2OT2LJtnayW7OQCpzYUxUOXsaP3ja

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_cver=1&google_push=ASkJ3FYLOJ9Bw15EIZlXjvRBnp2-ZpmKqu2xmAy3dgOwf-jW3i356RqjfkRnuk7Ok09imCTJ4LNrBZ4542eboKNx024-tAkc2DY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTRMZEt3QUxITWMzMlFBVA==&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_cver=1&google_push=ASkJ3FYLOJ9Bw15EIZlXjvRBnp2-ZpmKqu2xmAy3dgOwf-jW3i356RqjfkRnuk7Ok09imCTJ4LNrBZ4542eboKNx024-tAkc2DY

Request Chain 225

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvLFMU7KG2_yRbTxl9gsSk&google_cver=1&google_push=ASkJ3FZSMDeejI3LnZRkoukjdtvnMVcO36OW04oBnhiLfTsknSwXBmJnumTKXeGSYnyMnpLOLZG5L6WOHr-Oz0kzQQqKmOKNXg HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=803764de-1c9c-4cbe-b9e8-7289b787b109&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZSMDeejI3LnZRkoukjdtvnMVcO36OW04oBnhiLfTsknSwXBmJnumTKXeGSYnyMnpLOLZG5L6WOHr-Oz0kzQQqKmOKNXg&google_hm=tJ5iRnVdTsavYQH1A8YElA==

Request Chain 226

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_cver=1&google_push=ASkJ3FYPxJ6dm2s-2phSsNC7-JDplZt75FnlCCL2_Z6Py7XF2fiz6DrUov-BtN5Rp-i0an5zLlp4v0hTng0ds4u8WeXEaIXL0ow HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FYPxJ6dm2s-2phSsNC7-JDplZt75FnlCCL2_Z6Py7XF2fiz6DrUov-BtN5Rp-i0an5zLlp4v0hTng0ds4u8WeXEaIXL0ow

Request Chain 228

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECwIChAqXSrx9cZYp9bU8zI&google_cver=1&google_push=ASkJ3Fb9rk8AdTQq8ZiOlCXol5eSCGLInm_XNqny6VitZwjYZwjo4O_rbHYGgVt4YndpYYazxhxajwtternLpZ5IY44Ed2lVoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fb9rk8AdTQq8ZiOlCXol5eSCGLInm_XNqny6VitZwjYZwjo4O_rbHYGgVt4YndpYYazxhxajwtternLpZ5IY44Ed2lVoA

Request Chain 229

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGYYwwXQmNxEBNsDR0-pXdc&google_cver=1&google_push=ASkJ3FZGNDNerML4cDG6JK3-a-K43LBeo57duIVAMlZjaR00HRpd_GkV9iltH7EOK25a8wtGERgd0fkvcQp8GaY9jeInpoK_754 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZGNDNerML4cDG6JK3-a-K43LBeo57duIVAMlZjaR00HRpd_GkV9iltH7EOK25a8wtGERgd0fkvcQp8GaY9jeInpoK_754 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 230

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDbYA-vghWhzD0IBpmBeaDM&google_cver=1&google_push=ASkJ3FZ0mkQoCm8e5S4oR5Bki17ZxCsGx-Ao2Pz4dPl8q4R8Pnv6c_T3yeIJwDX8ZioHvpwHh70E6mwbinheTuzPCIkfThqStcEa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b49e6246-755d-4ec6-af61-01f503c60494&%%GOOGLE_PUSH_PAIR%%

Request Chain 247

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMX1ypq5zfsCFQzcEQgdIe8JWQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669520684_d4c908b0-6e05-11ed-9792-223985e9a9b7

Request Chain 262

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAzoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1669520684_d4c86c70-6e05-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 272

https://www.awin1.com/cshow.php?s=2389702&v=11953&q=363641&r=412871&pv=1&pref3=oneiddE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CJ2a0Zq5zfsCFY-K_QcdFvUNbg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

282 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mail.nitrotech.info/ 82 KB
16 KB 1022ms
292ms Document
text/html 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: dc27990b51165589f6a9817ad94ae97eca56d2c1517b59a8db86fd066ff1b358

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: max-age=3, must-revalidate
content-encoding: gzip
content-length: 16314
content-type: text/html; charset=UTF-8
date: Sun, 27 Nov 2022 03:44:40 GMT
last-modified: Sun, 27 Nov 2022 03:44:38 GMT
server: LiteSpeed
vary: Accept-Encoding, Cookie

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 47ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-132312568-1

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd596ae46a229199adbdc970bf42481366c1fa6d8c60433ffa15dd8ead21838b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43598
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 27 Nov 2022 03:44:40 GMT

GET
H2 200 style.min.css
c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/ 87 KB
11 KB 30ms
7ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/ 11 KB
2 KB 30ms
7ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/ 4 KB
1 KB 35ms
12ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 dashicons.min.css
c0.wp.com/c/6.0.3/wp-includes/css/ 58 KB
34 KB 36ms
12ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/css/dashicons.min.css

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 font-awesome.min.css
nitrotech.info/wp-content/themes/oceanwp/assets/css/third/ 30 KB
8 KB 107ms
103ms Stylesheet
text/css 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/css/third/font-awesome.min.css?ver=4.7.0
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: c4fe355dfa317d1cfaf6a39aa324e94c8a96fcf73410b7f9eec59951cdfaa593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Sun, 21 Apr 2019 10:46:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8279
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 simple-line-icons.min.css
nitrotech.info/wp-content/themes/oceanwp/assets/css/third/ 11 KB
3 KB 107ms
104ms Stylesheet
text/css 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: 00cb5467cd1232cc0358b03f57cdba0c37d8a4c74fc8949a5dc62ab36e803c5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Sun, 21 Apr 2019 10:46:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2925
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 magnific-popup.min.css
nitrotech.info/wp-content/themes/oceanwp/assets/css/third/ 5 KB
2 KB 108ms
104ms Stylesheet
text/css 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/css/third/magnific-popup.min.css?ver=1.0.0
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: 130258c738258aede53d50cd605361e26189d1176960bd440a8785d81e9ee331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Sun, 21 Apr 2019 10:46:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1841
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 slick.min.css
nitrotech.info/wp-content/themes/oceanwp/assets/css/third/ 2 KB
670 B 108ms
105ms Stylesheet
text/css 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/css/third/slick.min.css?ver=1.6.0
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: f94c40827295309e660e47038ab6c021e897ec570d812298d3d475159ddc8596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Sun, 21 Apr 2019 10:46:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 637
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 style.min.css
nitrotech.info/wp-content/themes/oceanwp/assets/css/ 152 KB
38 KB 108ms
105ms Stylesheet
text/css 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/css/style.min.css?ver=1.6.7
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: baaf48723be42a649b89cf96c10c2cb139ae15cad2ad1a506aabd54d77974f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Sun, 21 Apr 2019 10:46:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 38509
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 376 B
804 B 43ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cagliostro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&ver=6.0.3

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ad71904a039c4f80ce0f8d067971702ef8ad368ac0068d99a672b0e0051ffe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 03:44:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 03:44:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 395 B
363 B 43ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Permanent+Marker%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&ver=6.0.3

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 03:44:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 03:44:40 GMT

GET
H2 200 widgets.css
nitrotech.info/wp-content/plugins/ocean-extra/assets/css/ 36 KB
8 KB 211ms
208ms Stylesheet
text/css 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=6.0.3
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: 9de0d24675d34b06af8a34918b566f94e8296d32228371766cbc15d8abc74195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Fri, 11 Oct 2019 17:48:15 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8433
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/11.3.1/css/ 84 KB
15 KB 36ms
14ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.3.1/css/jetpack.css

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 19 Jul 2022 17:25:16 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 frontend-gtag.min.js Show response
nitrotech.info/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
4 KB 313ms
310ms Script
application/javascript 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.10.0
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Mon, 07 Nov 2022 20:07:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4006
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.0.3/wp-includes/js/jquery/ 87 KB
30 KB 36ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.0.3/wp-includes/js/jquery/ 11 KB
4 KB 36ms
15ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 hmads0.js Show response
cdn.hooliganmedia.com/ 191 KB
191 KB 64ms
18ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hooliganmedia.com/hmads0.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2b6e18132b3e4c063dadb4994dc4bd9821d761b1123bf55bf1875b737f7787b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 04 Oct 2022 20:24:23 GMT
x-amz-request-id: tx0000000000001bed226b0-006382d262-3f1a061f-nyc3c
etag: "397ce81c9f3b983cff524d2c0a2366c6"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1669520680.dop239.fr8.t,1669520680.cds285.fr8.hn,1669520680.cds148.fr8.c
content-type: text/javascript
cache-control: max-age=842
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 195378

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/11.3.1/_inc/build/photon/ 685 B
348 B 40ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.3.1/_inc/build/photon/photon.min.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 public.js Show response
nitrotech.info/wp-content/plugins/easy-affiliate-links/dist/ 25 KB
9 KB 313ms
311ms Script
application/javascript 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/plugins/easy-affiliate-links/dist/public.js?ver=3.7.0
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: 0d7fa1cbfe03479e3b9abf9da6827f91aa23aaf11d853b46f9680f604171e781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Mon, 05 Sep 2022 10:46:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9156
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 imagesloaded.min.js Show response
c0.wp.com/c/6.0.3/wp-includes/js/ 5 KB
2 KB 41ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.3/wp-includes/js/imagesloaded.min.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 magnific-popup.min.js Show response
nitrotech.info/wp-content/themes/oceanwp/assets/js/third/ 20 KB
9 KB 314ms
312ms Script
application/javascript 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/js/third/magnific-popup.min.js?ver=1.6.7
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: c78a38f48aa4252bdbee7ebebc0dc68eaa95f27d362aa58021fd2f085ca0df4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Sun, 21 Apr 2019 10:46:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9044
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 lightbox.min.js Show response
nitrotech.info/wp-content/themes/oceanwp/assets/js/third/ 1 KB
647 B 314ms
312ms Script
application/javascript 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/js/third/lightbox.min.js?ver=1.6.7
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: af0267055194b8495fca64e1134f6945df1cae01c54f88a387a8507d008ae3c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Sun, 21 Apr 2019 10:46:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 614
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 main.min.js Show response
nitrotech.info/wp-content/themes/oceanwp/assets/js/ 121 KB
46 KB 211ms
209ms Script
application/javascript 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/js/main.min.js?ver=1.6.7
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: aece3d630405b9bb90bbc06b7658eed4fa9f3c0e07f4475a93ef6fa05fcb932c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Sun, 21 Apr 2019 10:46:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 46817
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 eu-cookie-law.min.js Show response
c0.wp.com/p/jetpack/11.3.1/_inc/build/widgets/eu-cookie-law/ 2 KB
658 B 35ms
15ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.3.1/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9f9093afac549fa0f24e54a23798dabcc1ca87f3fb1d4449e636a8ea99844527

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:44:40 GMT

GET
H2 200 intersection-observer.js Show response
nitrotech.info/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
4 KB 311ms
310ms Script
application/javascript 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Fri, 09 Sep 2022 20:30:17 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3568
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 lazy-images.js Show response
nitrotech.info/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 311ms
310ms Script
application/javascript 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: 9e65fb5b0032593b7b8fb12b27a01c3c2cefe7e0e231816ee2c8dda3a4355dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Fri, 09 Sep 2022 20:30:17 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1106
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 e-202247.js Show response
stats.wp.com/ 9 KB
3 KB 29ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202247.js
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 12 Nov 2023 22:56:25 GMT

GET
H2 200 wp-emoji-release.min.js Show response
nitrotech.info/wp-includes/js/ 18 KB
6 KB 106ms
105ms Script
application/javascript 104.218.53.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://nitrotech.info/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.218.53.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: loveintime.in
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
last-modified: Mon, 05 Sep 2022 10:35:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6266
expires: Sun, 04 Dec 2022 03:44:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-132312568-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 03:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1191
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 27 Nov 2022 05:24:49 GMT

GET
H2 200 ZgNWjP5HM73BV5amnX-TvGLOMg.woff2
fonts.gstatic.com/s/cagliostro/v21/ 14 KB
14 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cagliostro/v21/ZgNWjP5HM73BV5amnX-TvGLOMg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cagliostro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&ver=6.0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6416fe13344d50a660b4e234892f03e1eed5b0cb8dc712280901ed2d1f719ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.nitrotech.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 04:17:24 GMT
x-content-type-options: nosniff
age: 170836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13844
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:45:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 04:17:24 GMT

GET fontawesome-webfont.woff2
nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/ 0
0

GET Simple-Line-Icons.woff2
nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 81 KB
28 KB 49ms
12ms Script
text/javascript 108.138.7.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js?key=5eb3e48a16937e7047af24fd9b6aec65
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 00:22:47 GMT
content-encoding: gzip
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 357713
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28567
x-amz-cf-id: 6d4fnGipBMIiTiMBJ-wZi1Ho3iO6_rSXI2MI58c-3ycl-yG-p32fuw==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 13ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=156792123&post=0&tz=2&srv=nitrotech.info&host=mail.nitrotech.info&ref=&fcp=1365&rand=0.3396049822228082
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 03:44:40 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 15ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=640089658&t=pageview&_s=1&dl=https%3A%2F%2Fmail.nitrotech.info%2F&ul=en-us&de=UTF-8&dt=NitroTech%20-%20Technology%20Guides%20For%20Windows%20And%20Android&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1028629998&gjid=695325540&cid=1469647755.1669520681&tid=UA-132312568-1&_gid=1822005554.1669520681&_r=1&gtm=2oub90&did=dZGIzZG&gdid=dZGIzZG&z=1044976122

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.nitrotech.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 featured-1.jpg
i0.wp.com/nitrotech.info/wp-content/uploads/ 21 KB
21 KB 31ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/nitrotech.info/wp-content/uploads/featured-1.jpg?w=900&ssl=1

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c6ea2e786fbaf7001d1b36afbab5d6d18a4cfa73d060128135618eff70ac9c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 27 Nov 2022 03:44:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Nov 2022 15:51:31 GMT
server: nginx
etag: "8a2eb82e39497aea"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://nitrotech.info/wp-content/uploads/featured-1.jpg>; rel="canonical"
content-length: 21438
expires: Wed, 06 Nov 2024 03:51:31 GMT

GET
H2 200 featured-6.jpg
i0.wp.com/nitrotech.info/wp-content/uploads/ 57 KB
57 KB 37ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/nitrotech.info/wp-content/uploads/featured-6.jpg?w=900&ssl=1

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

686325dbaeda3f70309282d31ea2370ad4f20ce4dac69f44bc9fe577d99bd3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 27 Nov 2022 03:44:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 27 Nov 2022 03:44:40 GMT
server: nginx
etag: "2e95faae0384900b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://nitrotech.info/wp-content/uploads/featured-6.jpg>; rel="canonical"
content-length: 58596
expires: Tue, 26 Nov 2024 15:44:40 GMT

GET
H2 200 featured-5.jpg
i0.wp.com/nitrotech.info/wp-content/uploads/ 43 KB
43 KB 42ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/nitrotech.info/wp-content/uploads/featured-5.jpg?w=900&ssl=1

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c4f093b4ff0e53c909eedbf80a8770c7f08f89071528ff01d348c088dbd83e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 27 Nov 2022 03:44:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 19 Jun 2022 21:42:29 GMT
server: nginx
etag: "b2fe5dcab2fdd6d0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://nitrotech.info/wp-content/uploads/featured-5.jpg>; rel="canonical"
content-length: 43816
expires: Wed, 19 Jun 2024 09:42:29 GMT

GET
H2 200 featured-4.jpg
i0.wp.com/nitrotech.info/wp-content/uploads/ 39 KB
39 KB 42ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/nitrotech.info/wp-content/uploads/featured-4.jpg?w=900&ssl=1

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5592e7f720df549627ea79f4f915955bf39354a0e720237cd78f952f82750383

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 27 Nov 2022 03:44:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 14:04:01 GMT
server: nginx
etag: "54d5db0f8b7e7fd4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://nitrotech.info/wp-content/uploads/featured-4.jpg>; rel="canonical"
content-length: 40016
expires: Sun, 04 Aug 2024 02:04:01 GMT

GET
H2 200 webhosting-250by250.gif
i0.wp.com/www.interserver.net/logos/ 22 KB
23 KB 41ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/www.interserver.net/logos/webhosting-250by250.gif?w=1200&ssl=1

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

cc8b31842f158584e6d62dab9a3a1cfa4a858d51b0a523022127e0569ed11c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Sun, 27 Nov 2022 03:44:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 11:00:31 GMT
server: nginx
etag: "26c64527137ab820"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.interserver.net/logos/webhosting-250by250.gif>; rel="canonical"
content-length: 22980
expires: Fri, 06 Oct 2023 23:00:31 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 287 B
739 B 137ms
37ms XHR
text/javascript 52.208.159.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js?key=5eb3e48a16937e7047af24fd9b6aec65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.159.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-159-221.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 8f691ee2d19fe2ad5175a85dc5022cf0d50825fd70df7acdeb3ffc6f1f116767

Request headers

Referer: https://mail.nitrotech.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:40 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://mail.nitrotech.info
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 287
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1404 / 167 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 03:44:40 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
280 B 230ms
193ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.nitrotech.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mail.nitrotech.info
date: Sun, 27 Nov 2022 03:44:40 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 179
server: envoy
vary: origin, Accept-Encoding

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Nov 2023 17:14:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 41 B
68 B 37ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mail.nitrotech.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

602803228eaf94b86a6454875835d0bfb024fc0f0c04310a8c89b242d7838a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
expires: Sun, 27 Nov 2022 03:44:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 90ms
19ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mail.nitrotech.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mail.nitrotech.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 138 KB
41 KB 628ms
628ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=823470505376430&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Chm-interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1874771964&sfv=1-0-40&ists=1&fas=8&prev_scp=pos%3Dinterstitial&sc=1&cookie_enabled=1&abxe=1&dt=1669520680946&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8c718b9fd6d209bc12bad286b7dc5242bec6f545e6d6cc96d4fa0a9953a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42442
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 228ms
228ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=823470505376430&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Chm-anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=2830129390&sfv=1-0-40&ists=1&fas=2&prev_scp=pos%3Danchor-top&sc=1&cookie_enabled=1&abxe=1&dt=1669520680978&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6959e4e312edc5c770909e098f7535cb2bcdf1dccdf71e593cb3d80b20edc87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13245
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3EF3 6 KB
3 KB 66ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:41 GMT
expires: Mon, 27 Nov 2023 03:44:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13838
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 25 Nov 2023 16:36:20 GMT

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 43 B
390 B 34ms
33ms Script
image/gif 52.208.159.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=5eb3e48a16937e7047af24fd9b6aec65
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js?key=5eb3e48a16937e7047af24fd9b6aec65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.159.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-159-221.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:40 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 43 B
390 B 85ms
33ms Image
image/gif 52.208.159.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=5eb3e48a16937e7047af24fd9b6aec65
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.159.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-159-221.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:40 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 41 B
492 B 50ms
33ms XHR
text/javascript 52.208.159.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js?key=5eb3e48a16937e7047af24fd9b6aec65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.159.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-159-221.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 02e324054abac0e9b5ed244beb4b31ac768e32fd8caef77719f3400526a7a400

Request headers

Referer: https://mail.nitrotech.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:40 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://mail.nitrotech.info
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET fontawesome-webfont.woff
nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/ 0
0

GET Simple-Line-Icons.ttf
nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 0
0

GET
H3 200 container.html Show response
a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD33 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:41 GMT
expires: Mon, 27 Nov 2023 03:44:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6168 624 B
919 B 56ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNXjQymWg0D6u2pymS_xea5AWPK-5IpmkbGqoKPACBlbaWhLnVVNsxW10WzH7rYdnYFAuqOFyaGZ4QcFeqYzX4O9ZlkT_jiO5B8KYYl7Sh79gy4Ca_CzGPPxBMpMh3t18T02gDeKHg8fCizzXAsaQs7DzOfIZJ9zv6ouPhhjplx0V-1sg1RBJYQLH3NQTCRLumtXhg4y

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:41 GMT
expires: Sun, 27 Nov 2022 03:44:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 39EC 15 KB
11 KB 73ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgbbWq0Ym-Q_DlTWxTtwB-Y9m5IjDj2_78W6yiR5vzGwePvzf41QJ0O35V8zAkYRK-se-FVdQ1WDP4X9xrGsqx8kvWswxTdz2Am6wwi8GSc3xA_Tfllvc8yOTTSpNc79rAPgVvv5eO6onQw0eZBAzVMinCr01lzEmfPAyP3sbiLSDLBNE&cry=1&dbm_d=AKAmf-C6KNfeKRYT18wziiPqRLdu5oBjwywNc3DYGYDZBmaoh0jFtcMjVS0jHyEhaTZyEmEsAvsoyjdHSDbm6Sdq8pvYXUkhfC5vRE7_f1hvxkiMSlnHqLDOXk2Kt1dEV3Ln2T54aPg2kkB-uf5WizT6Fp8fKwn48k_gQDQZTSVrFAZoFKh5m1PCGX54h4lX4C0hIeC-Hsw1I_BRweTxodGmnFBZ9xckeHhQLn-lESwDNsPKtHDYksr6slTym-j3x4o6b2TQ6_bL0OSUeC5-dldP97J_81tC1EJtrw2cvydva11bl6cmlQOwHM6XN2JC_sMuCg6lUYrFkGzp8RSIxVxVshlwaAMho2QhMttJYT_s53B5gSuTwJ0Po_rctx5EeoJSEjDzRyQQ1F04Tfp62tUZ5hIfvPYbzqqwtoTIA3G0V8iXx_S8gY95th1AmbTyJngZ9SAdJ6kGE_8a00evTKPjWZytbfUDkYE55RV5l0AuKOyCWNsdpGbMjauq_PuNDjWYysaKKN1PJpEB8-CcP_cvfZeJjiQDTj-Naye5xGO5QSO4YTRcXJDFpPqNwxB-iLHfukhg6wzYDlq1Pdn_z1i5ETodUB0ATLaekr0KHyy1TMaoQN-IlYoXsDqLebYAOpBV38nzMR89hxVWgxgx4W5099Cinkc-_UdGfBc9k649el4F3Xx3ECWHze9a3PD46f-BUcg9omVi8woIhaqeAdQgdUAB08KRGRIG_sraFzLLCiWfsQrRaPR7kVfz4xKjuaOrp24cOT5ppRvrMqFfO63riZwQjgIAQ0-o_Ryl4wC67yUYFOJ7IhKf4B6kedX2qrxuK0xYtxIVLBncyzlYVbQsOwCkfTvSpb6A_Ozn_V0-6kuMZoHujsLJD77iChJDpMLHyIcXq5BTrrmHg5gi7-tt8Z6gXCGDpvDZyH-lZXJbljta2vhGMsNQp2f9DImGYlNGFKVh-U8eX7DXiAeHKPgeM3Pki-5raYcjYdyyqRzcQqg8-hC_TYgSn0jsWoNHAhogBmERIkXB1HYdAYGe9DqqmgBY2K53c_XBceqa6fTxGr2G7S9bxuYADb1-j1MU8AxVOPSJ_HwQ743ufLzp3yp-CtE9bmr_YJsvkVsr6iKls8Cz5XxZQXTZzHAs4_QwLhqSaL5BJllue7MFJqBQil2_Go_YMUbR1D2DGJjs5k-6unu6Lb0-X57Y40FzLVz5uIWGIakxZFkW0KYkjsdYdY_yuXKdV9T6CFlUg1mXApCZ4AMGBRl55vjUdZJTxUSmkZXZYaNYt6DEdPfbsDtPWetsbBJQpUWtTAf2ziDy6PnJZDFdAXmvcnqpCZFJOBOKqh5pXfoNyIJ6-loLb2rC7TbxZ1s2KxLatMRxs9xw6giOVAzoDthVjXv0MW2eBc4HLTudOWSqC7qhUjrbrb65jgWaCT2dQxyCb27Yy8-zrMG7cO022gXloxGW3DYGqmgZbxlY_tEBGUugWjn0jY55ajCOZBMxY9dnRr-JtETHtpxFQhdczN12xv5pzvUkUZdaMjNyl8Nu_dHoTUc8eu9udYyDjwBpMvEg33zYFeP_6WX90e3JKDxYyIMuhAlIzNs3dC7qnTSNiq2xKjRneohppFDAEJ2olsHFCQKf5j4XMRIxkFew0fqvYnHEk6SBmeXixA6hAPHNX73jqW-wX5-shIUxZXEcGEyN88lg3o8jfC-Ao7keIIfmA3KvZowZSym-OcoIqLGD5IVdlrCyaQT_s6vBsJk4Aau1fcJvMGLPiKxDNaytpLKjNx2CGogQuFhUPNIOWQvZYVV2mndDX9xMmRXFRPa1-4jy4E2p5qztuMtAt55mw2dnPoBswuAs_ivrbDU3B-xNpolvYd_kB2N-XAQZBF-aSJt_EtCuHlmCzuBuyM7j76FZHnAf0-eCqMIKCp2RArMk198w8bHsWBfYUxW78TvH0uzew-aye4qTkl7aZTX_e049Vq8VuwRA-DgTj7gqQc2vxdAqn44tSBLfTlc0LVxrzN8XZSvLSa2wuW_hjzmiQ2eGtEd1jtfK0PLAVhI8mkx6Ykaoo0mPHSipNtFS1_bZJz-J5mn7Ojfd7GK825YPuDvzonYEMMAEqYkKujgutUPTt3qzhp12ebw29qUizFgpLBENJpUrbV2_KAKxog7cMwM9kx_cHHm2uxh4ENM7XLHDayBt_6l5EruzvOqCch8DZrq1Yld4gVAmHhWrbqKtS6kWv4ToVnxmqHdx98HcIKpReW8p6CMNx9_SqA-3mMhrhLWgXqyuCVXuDe4RRWo7R1DvIY6b4VcLP7l8rhad2_5XxAMCmHfsZYe9_9rcuJCLvpLo6P_l7sdMVlzFns_wshyDD5Lj1phhN31UV-3-3e4P9c7f_zSZsGZhcX1WJslTiSv3B9E9E1-Xk3CL8aV6b7Onobq-ZPlEBYlaXZS66YfNaa4LadU6DF3V-dXQ_STwlhYt71pfbI3VW6QZ5EWD83FTpdp6HTGhc1QyPFDAYhmhuajnpZBcvFKrPmqPehu5KpNae51TL_IIiVr4OFn9R0gpvSaovB9nRI_WjLiLOiwN2t_uWu69EBeM0OUZV40jh07acmXEfzc46d7DMBKimZ-MOK7z-39BZh_ocMFP4Iksw09jTs6S9PBjgiPy3qzx_ajuwJcGiLZrLLwdiBIeHh_cIwL2RaI1Om3rn8ioyy1P5-hMJBZSbM84QYzdtQDcQnlnu6lAnNe8Ws4rq_kUrtBbZBcTjab-8mMm3cTCdATL61Tkob_Hmt72rQFqDWZMK233cmHgkQsDWmhH50tWDLP5mSZmgbGe2_QRbwSTewfPlZSXhhij7nbLWZ0h6LYHcMmo7jTv1gUmMrVX2MV1gHrDZLwWFTHzh3QA0S9YcZJ4c5cnJgkxRDtLF_0V3vX1wwsqi-dCvgZCQAhGcAN-0MErYwlsgi3HnH1tAgdwG9Ly-NAy59Mw9ghc-6M62-QrRsf_cOwwq9AOpUOU4MbgEoSOD1AGEVx1Q86PSUfqVTabXZ_cyeKojc1WvqQAWINmyqLaSjPLYF7j7EilWHuoUOUMZAnY24CwPzc5HsDF63SgM-snDPZ1okNDF9-phkUKgPmWzLDiylpHyTkWt4unnao2QjpxBBR32rZOIyARDiTUmbanE1ys54rkbkcJtoojQWBXSXXRnlarh6fi5c59myvZk4kih36U8-Z0WsfnVCbOEApCi926bCXG2QajzoalHDccacuRvVLzuH5zjnWx3ndBhfRW4qHQz2ijeaahhkmVb2_TBcL6ht9Rbu-xSDVpClJ8XbII2_b2RvVWJktTqxkDyGeMyeUl72fOLu8XmzKQPibr5fOgv3OO6D7dkkjOk6FH1IZBGsvvFLy63BktHV5Nh8Dn4Ax4g0Sgr5uP2y6_rfP8sgVBPGfHUiO_0Rd3wpRAEmm_SKBLBh-O85M5YFZnM0zM8bLrXFC_WUT826IoaOBMqDyRjB6xSsoHnkuy3DOiHfFui7JKHWFHm9odTbnnhTw&cid=CAQSTADq26N9V2q5n0FB3NpIAB-j1IpjWPr4I2aNk2g5iO4eGkB1VQydm5G9bW0hOJxEoQFUYG160qjPwIB3jfFDUo5roN7tLumYExRq-AwYASAT&rfl=2%2Chttps%253A%252F%252Fmail.nitrotech.info%252F%240

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ab1af1c566362f69f51b953eb47c62338d20c1d6a9972aa8ed61f89b868a758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11217
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 39EC 28 KB
11 KB 46ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 27 Nov 2022 04:31:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 39EC 3 KB
1 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 39EC 18 KB
8 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 39EC 154 KB
48 KB 59ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 03:44:41 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39EC 42 B
494 B 66ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYDOGQUNM6oe5zhULXnWzxDjKMn4c0VqlyM6suIQBdpmlARBuJiRMrJRvsOPyEjiRtpIr83LA-kGFVSTJUlxz7fy_FAC7pwjyOV90jW2vGTZ26T9c

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6168
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4az6bTugXzieS4Ysv0i_M&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4az6bTugXzieS4Ysv0i_M&google_cver=1&C=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ4az6bTugXzieS4Ysv0i_M&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNXjQymWg0D6u2pymS_xea5AWPK-5IpmkbGqoKPACBlbaWhLnVVNsxW10WzH7rYdnYFAuqOFyaGZ4QcFeqYzX4O9ZlkT_jiO5B8KYYl7Sh79gy4Ca_CzGPPxBMpMh3t18T02gDeKHg8fCizzXAsaQs7DzOfIZJ9zv6ouPhhjplx0V-1sg1RBJYQLH3NQTCRLumtXhg4y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJ4az6bTugXzieS4Ysv0i_M&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6168
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4LdKaqhx5T4mb9vCLk.8wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNXjQymWg0D6u2pymS_xea5AWPK-5IpmkbGqoKPACBlbaWhLnVVNsxW10WzH7rYdnYFAuqOFyaGZ4QcFeqYzX4O9ZlkT_jiO5B8KYYl7Sh79gy4Ca_CzGPPxBMpMh3t18T02gDeKHg8fCizzXAsaQs7DzOfIZJ9zv6ouPhhjplx0V-1sg1RBJYQLH3NQTCRLumtXhg4y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6168
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBkwHso3E0_8iuZVUIYJMhM&google_cver=1

43 B
1016 B

30ms
15ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBkwHso3E0_8iuZVUIYJMhM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNXjQymWg0D6u2pymS_xea5AWPK-5IpmkbGqoKPACBlbaWhLnVVNsxW10WzH7rYdnYFAuqOFyaGZ4QcFeqYzX4O9ZlkT_jiO5B8KYYl7Sh79gy4Ca_CzGPPxBMpMh3t18T02gDeKHg8fCizzXAsaQs7DzOfIZJ9zv6ouPhhjplx0V-1sg1RBJYQLH3NQTCRLumtXhg4y

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:41 GMT
AN-X-Request-Uuid: 4240336e-dcc0-43f9-92ed-569f5807bd8e
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBkwHso3E0_8iuZVUIYJMhM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6168
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4MTQ0NjA4Mzc1MTk1MDk1OQ%3D%3D

170 B
188 B

34ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4MTQ0NjA4Mzc1MTk1MDk1OQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:41 GMT
AN-X-Request-Uuid: e2681658-a07e-4e3b-85dd-0134d14561ac
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4MTQ0NjA4Mzc1MTk1MDk1OQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 39EC 41 KB
15 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgbbWq0Ym-Q_DlTWxTtwB-Y9m5IjDj2_78W6yiR5vzGwePvzf41QJ0O35V8zAkYRK-se-FVdQ1WDP4X9xrGsqx8kvWswxTdz2Am6wwi8GSc3xA_Tfllvc8yOTTSpNc79rAPgVvv5eO6onQw0eZBAzVMinCr01lzEmfPAyP3sbiLSDLBNE&cry=1&dbm_d=AKAmf-C6KNfeKRYT18wziiPqRLdu5oBjwywNc3DYGYDZBmaoh0jFtcMjVS0jHyEhaTZyEmEsAvsoyjdHSDbm6Sdq8pvYXUkhfC5vRE7_f1hvxkiMSlnHqLDOXk2Kt1dEV3Ln2T54aPg2kkB-uf5WizT6Fp8fKwn48k_gQDQZTSVrFAZoFKh5m1PCGX54h4lX4C0hIeC-Hsw1I_BRweTxodGmnFBZ9xckeHhQLn-lESwDNsPKtHDYksr6slTym-j3x4o6b2TQ6_bL0OSUeC5-dldP97J_81tC1EJtrw2cvydva11bl6cmlQOwHM6XN2JC_sMuCg6lUYrFkGzp8RSIxVxVshlwaAMho2QhMttJYT_s53B5gSuTwJ0Po_rctx5EeoJSEjDzRyQQ1F04Tfp62tUZ5hIfvPYbzqqwtoTIA3G0V8iXx_S8gY95th1AmbTyJngZ9SAdJ6kGE_8a00evTKPjWZytbfUDkYE55RV5l0AuKOyCWNsdpGbMjauq_PuNDjWYysaKKN1PJpEB8-CcP_cvfZeJjiQDTj-Naye5xGO5QSO4YTRcXJDFpPqNwxB-iLHfukhg6wzYDlq1Pdn_z1i5ETodUB0ATLaekr0KHyy1TMaoQN-IlYoXsDqLebYAOpBV38nzMR89hxVWgxgx4W5099Cinkc-_UdGfBc9k649el4F3Xx3ECWHze9a3PD46f-BUcg9omVi8woIhaqeAdQgdUAB08KRGRIG_sraFzLLCiWfsQrRaPR7kVfz4xKjuaOrp24cOT5ppRvrMqFfO63riZwQjgIAQ0-o_Ryl4wC67yUYFOJ7IhKf4B6kedX2qrxuK0xYtxIVLBncyzlYVbQsOwCkfTvSpb6A_Ozn_V0-6kuMZoHujsLJD77iChJDpMLHyIcXq5BTrrmHg5gi7-tt8Z6gXCGDpvDZyH-lZXJbljta2vhGMsNQp2f9DImGYlNGFKVh-U8eX7DXiAeHKPgeM3Pki-5raYcjYdyyqRzcQqg8-hC_TYgSn0jsWoNHAhogBmERIkXB1HYdAYGe9DqqmgBY2K53c_XBceqa6fTxGr2G7S9bxuYADb1-j1MU8AxVOPSJ_HwQ743ufLzp3yp-CtE9bmr_YJsvkVsr6iKls8Cz5XxZQXTZzHAs4_QwLhqSaL5BJllue7MFJqBQil2_Go_YMUbR1D2DGJjs5k-6unu6Lb0-X57Y40FzLVz5uIWGIakxZFkW0KYkjsdYdY_yuXKdV9T6CFlUg1mXApCZ4AMGBRl55vjUdZJTxUSmkZXZYaNYt6DEdPfbsDtPWetsbBJQpUWtTAf2ziDy6PnJZDFdAXmvcnqpCZFJOBOKqh5pXfoNyIJ6-loLb2rC7TbxZ1s2KxLatMRxs9xw6giOVAzoDthVjXv0MW2eBc4HLTudOWSqC7qhUjrbrb65jgWaCT2dQxyCb27Yy8-zrMG7cO022gXloxGW3DYGqmgZbxlY_tEBGUugWjn0jY55ajCOZBMxY9dnRr-JtETHtpxFQhdczN12xv5pzvUkUZdaMjNyl8Nu_dHoTUc8eu9udYyDjwBpMvEg33zYFeP_6WX90e3JKDxYyIMuhAlIzNs3dC7qnTSNiq2xKjRneohppFDAEJ2olsHFCQKf5j4XMRIxkFew0fqvYnHEk6SBmeXixA6hAPHNX73jqW-wX5-shIUxZXEcGEyN88lg3o8jfC-Ao7keIIfmA3KvZowZSym-OcoIqLGD5IVdlrCyaQT_s6vBsJk4Aau1fcJvMGLPiKxDNaytpLKjNx2CGogQuFhUPNIOWQvZYVV2mndDX9xMmRXFRPa1-4jy4E2p5qztuMtAt55mw2dnPoBswuAs_ivrbDU3B-xNpolvYd_kB2N-XAQZBF-aSJt_EtCuHlmCzuBuyM7j76FZHnAf0-eCqMIKCp2RArMk198w8bHsWBfYUxW78TvH0uzew-aye4qTkl7aZTX_e049Vq8VuwRA-DgTj7gqQc2vxdAqn44tSBLfTlc0LVxrzN8XZSvLSa2wuW_hjzmiQ2eGtEd1jtfK0PLAVhI8mkx6Ykaoo0mPHSipNtFS1_bZJz-J5mn7Ojfd7GK825YPuDvzonYEMMAEqYkKujgutUPTt3qzhp12ebw29qUizFgpLBENJpUrbV2_KAKxog7cMwM9kx_cHHm2uxh4ENM7XLHDayBt_6l5EruzvOqCch8DZrq1Yld4gVAmHhWrbqKtS6kWv4ToVnxmqHdx98HcIKpReW8p6CMNx9_SqA-3mMhrhLWgXqyuCVXuDe4RRWo7R1DvIY6b4VcLP7l8rhad2_5XxAMCmHfsZYe9_9rcuJCLvpLo6P_l7sdMVlzFns_wshyDD5Lj1phhN31UV-3-3e4P9c7f_zSZsGZhcX1WJslTiSv3B9E9E1-Xk3CL8aV6b7Onobq-ZPlEBYlaXZS66YfNaa4LadU6DF3V-dXQ_STwlhYt71pfbI3VW6QZ5EWD83FTpdp6HTGhc1QyPFDAYhmhuajnpZBcvFKrPmqPehu5KpNae51TL_IIiVr4OFn9R0gpvSaovB9nRI_WjLiLOiwN2t_uWu69EBeM0OUZV40jh07acmXEfzc46d7DMBKimZ-MOK7z-39BZh_ocMFP4Iksw09jTs6S9PBjgiPy3qzx_ajuwJcGiLZrLLwdiBIeHh_cIwL2RaI1Om3rn8ioyy1P5-hMJBZSbM84QYzdtQDcQnlnu6lAnNe8Ws4rq_kUrtBbZBcTjab-8mMm3cTCdATL61Tkob_Hmt72rQFqDWZMK233cmHgkQsDWmhH50tWDLP5mSZmgbGe2_QRbwSTewfPlZSXhhij7nbLWZ0h6LYHcMmo7jTv1gUmMrVX2MV1gHrDZLwWFTHzh3QA0S9YcZJ4c5cnJgkxRDtLF_0V3vX1wwsqi-dCvgZCQAhGcAN-0MErYwlsgi3HnH1tAgdwG9Ly-NAy59Mw9ghc-6M62-QrRsf_cOwwq9AOpUOU4MbgEoSOD1AGEVx1Q86PSUfqVTabXZ_cyeKojc1WvqQAWINmyqLaSjPLYF7j7EilWHuoUOUMZAnY24CwPzc5HsDF63SgM-snDPZ1okNDF9-phkUKgPmWzLDiylpHyTkWt4unnao2QjpxBBR32rZOIyARDiTUmbanE1ys54rkbkcJtoojQWBXSXXRnlarh6fi5c59myvZk4kih36U8-Z0WsfnVCbOEApCi926bCXG2QajzoalHDccacuRvVLzuH5zjnWx3ndBhfRW4qHQz2ijeaahhkmVb2_TBcL6ht9Rbu-xSDVpClJ8XbII2_b2RvVWJktTqxkDyGeMyeUl72fOLu8XmzKQPibr5fOgv3OO6D7dkkjOk6FH1IZBGsvvFLy63BktHV5Nh8Dn4Ax4g0Sgr5uP2y6_rfP8sgVBPGfHUiO_0Rd3wpRAEmm_SKBLBh-O85M5YFZnM0zM8bLrXFC_WUT826IoaOBMqDyRjB6xSsoHnkuy3DOiHfFui7JKHWFHm9odTbnnhTw&cid=CAQSTADq26N9V2q5n0FB3NpIAB-j1IpjWPr4I2aNk2g5iO4eGkB1VQydm5G9bW0hOJxEoQFUYG160qjPwIB3jfFDUo5roN7tLumYExRq-AwYASAT&rfl=2%2Chttps%253A%252F%252Fmail.nitrotech.info%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 39EC 60 KB
23 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 16:31:11 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B025 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 141650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B28933254.351700111;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2307692969;ord=3ebmf1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoB7TKd2CY8JZptXv9Q_LhrOA... Show response
ad.doubleclick.net/ddm/adj/N718661.279382DBMPMPRECISION-FCA/ Frame 39EC 67 KB
29 KB 84ms
46ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N718661.279382DBMPMPRECISION-FCA/B28933254.351700111;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2307692969;ord=3ebmf1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoB7TKd2CY8JZptXv9Q_LhrOACLqHhsltkbGajO4Q4tzomcsBEAEgk9ycc2CVgomCmAfIAQmpAv1d4nqfcLE-qAMBqgSeAk_Qjzb2BiNb8eAvj26zltq-6e4xxA06YKeNyBWhx9CEitchjhNrczyimq2HE9CkGt9J-Gy5JAf5uwIXAoMGbmqsYVgmUsw7jhkeS5iJ3_2DBLaq3CsmMknqP0MIRh4xU0JbmAfynFGvvnoOoCc0IdJZtUqXV2A2qqMFjh3V5P_jLHR-gOt5-f08DPZ9nHNiRHEqDsFU7p3BRbFCFT76CmwqGp8lQtxFFUZvujvkcUHLW1P96fsok6XGJYYXyhByYYgHLGy8GLk8l9cbGBYu5_bX8x_yZgTi7-pWgTZxIawIzKpL7wCMHajVtY4dOC0zU3aa1m_N7df5G_88bA6ULEWsTdmNx_gRmLWh-tL1cWq5Fb-ccEOF3DtN4UMQsG_ABNOvjqaiBOAEA5AGAaAGTYAHmcuG0wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE7uvnhHIE5HkuOED0BMA2BMK2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSTADq26N9V2q5n0FB3NpIAB-j1IpjWPr4I2aNk2g5iO4eGkB1VQydm5G9bW0hOJxEoQFUYG160qjPwIB3jfFDUo5roN7tLumYExRq-AwYASAT%26sig%3DAOD64_2j6wUBcR2wQqRgihYcJGLFozugWQ%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C3UmoqMy55wggq6Qg0PKxfQfJf6PULW5pLne-N1Opq9cG0pjGVCikcphqGSalX0dI2YjbWY26tzPMijlfLNh8r2ecwz3RggGfjr2rbmwPTWJj3-hx5N47iJHwEeq9YyJ7DswNqQGqf1wbNGwhzef1NY8PZeBb_PSInD8PbNyTfpe3FbJ0%26cry%3D1%26dbm_d%3DAKAmf-Ao411_jlBrRKOWg38mFqTt-tYOGo46LkZH8KPlEdmHSP-oNVl8YH4cPZY3ltmiNxPq1oB8GLo5yJk4dZGPv6cpbpQQ9IQeWXScOjB1cA0jvLfqRiuagKVkK2jZ0J-3riWZ_8D73QZCkUg33uPj_BVeBXykW0qgrM2eitvVPJVSNbA3_HMsJXvOlIwKiN4DE-wcXp_XXYYKImtyixKH9Z1vr7WV3IuW_xQPE4mDb3YoyTNdBVEtNF6eBlyd-zsW13bFA1ONlm2cGIkeTAB75pB9W-MEblW4PmpxuopMIW8MXH9khX1h7zLWZx9PPo2yg7PXPS0UR6VlOcFEgoMXeIrW7_0WKqsfk9Giyj8jWVg6GOAOi-oUUaCSeJSgvHh9GOSHM1QJJ9hqQdu4q9dsCDV6zN58TiHn3JYmuwgalJRmnsWdkgDNFwSBP-Nt4vIJ4U5HZEu14fAcS85mddQaqfpyECy7DWJU45UlTUDXDKfHnFvwrZiknpWNA0xg_ymXtKTWEX7vQyaTN2amsCXDNkn1O2XOTZXAtie0HJoAp66FldY6Bp0%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fmail.nitrotech.info%2F$0;xdt=1;crlt=x(.MqSpCVX;stc=1;chaa=1;sttr=41;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

10bb9263224691c86143b228f9b60216c215aba19c4b6e9e8a2970af0d8415ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28841
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame B025 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET fontawesome-webfont.ttf
nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/ 0
0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 39EC 106 KB
38 KB 57ms
7ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Origin: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 39EC 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N718661.279382DBMPMPRECISION-FCA/B28933254.351700111;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2307692969;ord=3ebmf1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoB7TKd2CY8JZptXv9Q_LhrOACLqHhsltkbGajO4Q4tzomcsBEAEgk9ycc2CVgomCmAfIAQmpAv1d4nqfcLE-qAMBqgSeAk_Qjzb2BiNb8eAvj26zltq-6e4xxA06YKeNyBWhx9CEitchjhNrczyimq2HE9CkGt9J-Gy5JAf5uwIXAoMGbmqsYVgmUsw7jhkeS5iJ3_2DBLaq3CsmMknqP0MIRh4xU0JbmAfynFGvvnoOoCc0IdJZtUqXV2A2qqMFjh3V5P_jLHR-gOt5-f08DPZ9nHNiRHEqDsFU7p3BRbFCFT76CmwqGp8lQtxFFUZvujvkcUHLW1P96fsok6XGJYYXyhByYYgHLGy8GLk8l9cbGBYu5_bX8x_yZgTi7-pWgTZxIawIzKpL7wCMHajVtY4dOC0zU3aa1m_N7df5G_88bA6ULEWsTdmNx_gRmLWh-tL1cWq5Fb-ccEOF3DtN4UMQsG_ABNOvjqaiBOAEA5AGAaAGTYAHmcuG0wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE7uvnhHIE5HkuOED0BMA2BMK2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSTADq26N9V2q5n0FB3NpIAB-j1IpjWPr4I2aNk2g5iO4eGkB1VQydm5G9bW0hOJxEoQFUYG160qjPwIB3jfFDUo5roN7tLumYExRq-AwYASAT%26sig%3DAOD64_2j6wUBcR2wQqRgihYcJGLFozugWQ%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-C3UmoqMy55wggq6Qg0PKxfQfJf6PULW5pLne-N1Opq9cG0pjGVCikcphqGSalX0dI2YjbWY26tzPMijlfLNh8r2ecwz3RggGfjr2rbmwPTWJj3-hx5N47iJHwEeq9YyJ7DswNqQGqf1wbNGwhzef1NY8PZeBb_PSInD8PbNyTfpe3FbJ0%26cry%3D1%26dbm_d%3DAKAmf-Ao411_jlBrRKOWg38mFqTt-tYOGo46LkZH8KPlEdmHSP-oNVl8YH4cPZY3ltmiNxPq1oB8GLo5yJk4dZGPv6cpbpQQ9IQeWXScOjB1cA0jvLfqRiuagKVkK2jZ0J-3riWZ_8D73QZCkUg33uPj_BVeBXykW0qgrM2eitvVPJVSNbA3_HMsJXvOlIwKiN4DE-wcXp_XXYYKImtyixKH9Z1vr7WV3IuW_xQPE4mDb3YoyTNdBVEtNF6eBlyd-zsW13bFA1ONlm2cGIkeTAB75pB9W-MEblW4PmpxuopMIW8MXH9khX1h7zLWZx9PPo2yg7PXPS0UR6VlOcFEgoMXeIrW7_0WKqsfk9Giyj8jWVg6GOAOi-oUUaCSeJSgvHh9GOSHM1QJJ9hqQdu4q9dsCDV6zN58TiHn3JYmuwgalJRmnsWdkgDNFwSBP-Nt4vIJ4U5HZEu14fAcS85mddQaqfpyECy7DWJU45UlTUDXDKfHnFvwrZiknpWNA0xg_ymXtKTWEX7vQyaTN2amsCXDNkn1O2XOTZXAtie0HJoAp66FldY6Bp0%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fmail.nitrotech.info%2F$0;xdt=1;crlt=x(.MqSpCVX;stc=1;chaa=1;sttr=41;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:31:11 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B71 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 141650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B025 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7c70Kd2CY5qVE6_px_APk5yt2AoAAAAAOAHgBAI&bg=!jo2ljcnNAAbvMpMzzzI7ACkAdvg8WmFgb2HYzS1ycORDz4PiGH31E9wAVyiL4xsHIR5_jMEouJR4-gIAAABvUgAAAAJoAQcKAARo1KxCmQM80Mu8UsfMZBWy7VC_lVmX2RilWcdxXNKWwsZxO98aeGnPVXFEDN8DXmkRtzE88FFVF1IXVU1myVF48YdiANGqOs32A4YU24Wm8RJ6eST1cdhbZKdu_FaEVOnq_rtC36laCkyLm9eGibfV-6b23jQp7gEimhZyqAYKJQHlK3elS28osCb7Z5QIGrRFFXd5eylG-sNpBGSe6Hk_hhRWuP_R4MvbYbwyTBRq4v-wSp5vFA1fTbbVybykGa37Edv_hOgXjyIibuDYFgjYxNBvaJiHiwytiOxiJkR4LCmzI444XtAJ-u1aBQc3bt3alWehNOrI57woWkYn37fQ5vze2RrjmFGFoa1gO4Rr013ZoEaE1i-MFpMJ0qWK4N-gyZazzv3SBL2Dq0dfpBKCGadeU8yHEBKZ2BkR5Gc2lxx-nDbogRqMGBWFZW-EZfxuHP4X2Tylf81Gbr6UbyfjmtdH2-TAZKZxCMZqXNsj1ryoi5b9vce8JOHVdVUhTriPiYcCdDe1CMakewcNAhDSZjnQMAthoCKQd8dzuudRe_NxjRMX6PtjBjSxzkoWN92EobFmFuRLXXAOa9w8Ngrlu76BJiFoA78n1MQEa7T5K-zt7URv16OApIUTZEHVyOrjrxTwJi_cLInFEfjzxIkYqwIosDy5ObZxU6BYBhjSD_CIda7XD3oY0TTL7uaBQ8tPc5SvQl7n8dVRN4o5FX6f0Z6AVwmwdQOlP2xxay-_1yAmFPd5g-jHbi-YW7gxapRK796e9YogH7FtMIq4ttoiepK7QhjTQhI_w_upWY3pLpZh84slH3nWpRkmdOYkn6gy5yJ5V5Jp197XBw5U3DY2cgjvUWZTG-EDHp8CFwxB_kb9u7Sd1B5B8l6ZkEujhG7RN-1SHs3qzHNd5L7DgcVfVetxssqJ5DqWnXYbhC7XbZegKkxwqAEE81KUABY0kV-gxCcX0LjbVLV_tKkROD8csBuR-DCAkRTqIo6uKBtiD437zCcLVzwEeUZWVhmfUyvXVYMx3p9f_iffITdtUHCBcynPnfDJyyTCLNAre6JdR4w0s-quQsoJio9ekCDoCDeK0UL_8YRVLIWemk9WAsd0-r7G

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B71 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/12510176007469714084/728x90/ Frame 3C51 6 KB
2 KB 25ms
8ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c96fd9c5c8dff263d1f8f5163d4b84521a0f5cf402aed7b6edf75bb7bf7bb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 143355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2368
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 11:55:26 GMT
expires: Sat, 25 Nov 2023 11:55:26 GMT
last-modified: Wed, 16 Nov 2022 18:36:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 39EC 0
0 84ms
46ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHFHSXq3ThqKD8UjLzr0z8LFpc7Svy70OluBRFfo_Yq1qQifxqhAdfuDpPp1ayFHV-W8xAcBWIou7En0OeIHqK7LGajbKiiYVdGYXIy5bTeoiAc0jSVPRhE8U_o9TI1SizV7oVxSSBXg1oXvQuLW3xgzvcaj7uFRkrshdO&sai=AMfl-YTpZNz87AJElgq2vVbbTBmD5lR_KcyvbZAn9fxWlKZMSZoQWXW31-1DtAXgGpuIaCwjfNIETcwzpcJh9xXWpgAvwrjwu5fUgs0qAA76&sig=Cg0ArKJSzCHpoHI9NIxXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=89&cbvp=1&cstd=87&cisv=r20221110.05597&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 03:44:41 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3C51 236 KB
63 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 03:44:41 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/12510176007469714084/728x90/ Frame 3C51 60 KB
9 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.js?1665999625660

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de05e650b272365e0f6a7215ccc9c7a15200c3804b945d5467c10b2bd9e982a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8734
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 18:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:55:32 GMT

GET
H3 200 container.html Show response
a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3ECC 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:41 GMT
expires: Mon, 27 Nov 2023 03:44:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 3ECC 4 KB
636 B 34ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 02:07:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 03:44:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8EF3 8 KB
895 B 22ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 02:51:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 03:44:41 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8EF3 2 KB
765 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8EF3 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8EF3 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8EF3 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EF3 154 KB
47 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 03:44:41 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 8EF3 34 KB
14 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 15:35:45 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 3ECC 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3ECC 205 B
296 B 29ms
8ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 20:53:48 GMT
x-content-type-options: nosniff
age: 24653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Nov 2023 20:53:48 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3ECC 604 B
1 KB 28ms
8ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 22:19:25 GMT
x-content-type-options: nosniff
age: 19516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Nov 2023 22:19:25 GMT

GET
H3 200 728x90_atlas_P_1.png
s0.2mdn.net/sadbundle/12510176007469714084/728x90/images/ Frame 3C51 8 KB
8 KB 8ms
8ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/images/728x90_atlas_P_1.png?1665999625613

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c35eb5ae37465e7b5a114042f046dfc210f0a1377dbb43df3e4813e1c9e68b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:32 GMT
x-content-type-options: nosniff
age: 143349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8244
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 18:36:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:55:32 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 39EC 0
0 60ms
44ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHFHSXq3ThqKD8UjLzr0z8LFpc7Svy70OluBRFfo_Yq1qQifxqhAdfuDpPp1ayFHV-W8xAcBWIou7En0OeIHqK7LGajbKiiYVdGYXIy5bTeoiAc0jSVPRhE8U_o9TI1SizV7oVxSSBXg1oXvQuLW3xgzvcaj7uFRkrshdO&sai=AMfl-YTpZNz87AJElgq2vVbbTBmD5lR_KcyvbZAn9fxWlKZMSZoQWXW31-1DtAXgGpuIaCwjfNIETcwzpcJh9xXWpgAvwrjwu5fUgs0qAA76&sig=Cg0ArKJSzCHpoHI9NIxXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=224&vt=11&dtpt=135&dett=3&cstd=87&cisv=r20221110.05597&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 03:44:41 GMT

GET
H3 200 728x90_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/12510176007469714084/728x90/images/ Frame 3C51 42 KB
42 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/images/728x90_atlas_NP_1.jpg?1665999625613

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4af8a9146036a779b8bfaf12c74af241c507a1ddba408e4873e483453730d3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:31 GMT
x-content-type-options: nosniff
age: 143350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43410
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 18:36:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:55:31 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 9724 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B71 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrhRNKd2CY-68Go-V9u8PwKKgyAsAAAAAOAHgBAI&bg=!z8ylzIjNAAbvMpMzzzI7ACkAdvg8WuIHamTBEOKMhVBTKoo5LxAOypNSOSfN73t1zwyv5XQB59I6PAIAAADTUgAAAAJoAQeZAy6BpD-n3DHUBNqfwbfAhZJhGnO4XAeiol2jDLYBIV4LCedXPh0YbWY7hkIwy0Wv1Pmt_zMlxUE88Jy_poR_38eJ_AwCYzjheVWeDnP58sqCLGHvniy6aqehA9xyS7l6g_G81nAwl_TrgKEMDeeWmEUQ-_X_o3A329wnwd_ipQEB93o-V4aqoXSERQTraXF5860AzLJXKPugxzD7qdzaWMK7OSaHY56htb1vr67RrpnYJq7eae8b1kLIOI7QSbCjlMOZXHr3duN49i6NyxvBJPJV8e5asmD6BssNjPKNdnV8FL7vFDHGybenonTtFrNfCUBYk1m3lju_aeTmbf7XvGCf6bjZOedSuZyIdugBQ9NJArODKJnT8echPFP_AqJAY-wg14bxJbt4ZBpFMoJW7c1dXAzhBGtctRbcs3bNm8vpjrIvQztTaQXXwRm4656JZaWqGozhiU5f_rteu4ti6McvuNBW1NqaUSt_Rfrree6EzFHOcJF8A5Yyhz7OXq1w1D75dXgV3f3qQsVer7zfWnK8nGu5mt3QPAmXcATZf4ziVOmZaGznWXiI6vve8quz84Rty4SsILXn4GsTfrJ3BtiM27hpiuCEAG_1kmjHLfYaveeZtDrUAm-Zh5iN25-4O4DkeN5r_R7zb1uJJBEh8ewCmjbk3mQ6XBXgYEqDKCl38e0h16eWoEJWIr1K_c90PRNRosUobNIz9cBhahpmjZX6m5J_8oK748ws_PeLmQY4zdAk5yqdL37b1A0zvvWqaxTgU8naab3QjrP7Gmw_g6PCTQg5O4QUy5nYarFCtm5gzmiXp83NXvpq6HTfsY_86uEnoGyLzpizFP8ugZGTyDCiXpHG27VcJB1suZaJPZP3h5b2Ow_eOAuuZNdEcSmQA3aQFsy8SRuhSioUvqh6oZp-QAkkIA-7H4wmrSG_a9G0AAceN9a7fcpOwUTtQkrwQBPV8LaxdmQ07iW9WAbmJb96mubV4sffcyP1Md0kR7RbAncA7tN_5pd45VnodEwYmqV2PShatuaIY6kCO7YwZZaZ-SZNranNxAQ_JsXOR_DU_5R2k9EVsOs23lGYcfsS

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET Simple-Line-Icons.woff
nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mail.nitrotech.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mail.nitrotech.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=1542849748313698&vrg=2022111501&nw_id=115975610&nslots=13&eid=31070881&pub_url=https%3A%2F%2Fmail.nitrotech.info%2F&sig=0&req=0&req_cnt=14&dm=8

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 230ms
229ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Chm-anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=2830129390&sfv=1-0-40&ris=1&rcs=1&ists=1&fas=2&prev_scp=pos%3Danchor-top&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682096&lmt=1669520678&dlt=1669520680335&idt=580&adxs=0&adys=4206&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=1600x4206&msz=1005x90&fws=132&ohw=1600&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72d4bd80c074db9631ee2d9d53f5b0b10f3eebd3b0ac732d2b21dddd259f8a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14957
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 685ms
684ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=4&adks=1904800462&sfv=1-0-40&prev_scp=pos%3Dbillboard-1&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682102&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e830e3fea3c9e952a81fc605b330380e3b2ffe513c74ba5b0e81761c338f88d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11885
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 453ms
451ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=5&adks=4162055255&sfv=1-0-40&prev_scp=pos%3Dbillboard-2&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682103&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

537df1b6d1a17489b9423f19b0ccb53ece779f1c623243ff6e6363014560a7bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11711
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 353ms
351ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=6&adks=2141707104&sfv=1-0-40&prev_scp=pos%3Dbillboard-3&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682104&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96f91dc6b5a3de61f6adc8c376578baefd53066da02350a3f9ac73b807d5dd6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11612
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 889ms
887ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cskyscraper-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600&ifi=7&adks=930618674&sfv=1-0-40&prev_scp=pos%3Dskyscraper-1&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682106&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37a742b6a09a2eafb419dbe80fde3a708614d23638e75221ac3c5b238c6e723c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11763
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 784ms
783ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cskyscraper-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600&ifi=8&adks=1135442077&sfv=1-0-40&prev_scp=pos%3Dskyscraper-2&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682107&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60e53c3f9f432bbc053705adec78dfe37d90fb98c7eb6c0a0a063ae3374687cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11987
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 564ms
563ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2CMPU-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=9&adks=1584201766&sfv=1-0-40&prev_scp=pos%3DMPU-4&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682108&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4b9ee789c598c647c9985bf7ba277204ea75e46d4c56baab6e368fd5d47eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11829
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 1103ms
1102ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cleaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=10&adks=2271901398&sfv=1-0-40&prev_scp=pos%3Dleaderboard-1&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682110&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

362c823507a195c69b285a3303cd958b4fb44248a43692ebaf3fe59e0eb9d1bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11708
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 992ms
991ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2Cleaderboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=11&adks=3572833128&sfv=1-0-40&prev_scp=pos%3Dleaderboard-2&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682111&lmt=1669520678&dlt=1669520680335&idt=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfae37ab4e0b9fe16e38411fee58b62ad905285c12c87ddfa258961733f3a04a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11575
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 1379ms
1379ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2CMPU-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=12&adks=1263205018&sfv=1-0-40&prev_scp=pos%3DMPU-1&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682119&lmt=1669520678&dlt=1669520680335&idt=580&adxs=1074&adys=1083&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=326x15&msz=326x15&fws=4&ohw=1600&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0edcc63b7bb7f89036ad871eaf2bd7957a3bff7bf84240d3f7016c5bc6fc894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11691
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 1507ms
1506ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2CMPU-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=13&adks=563312697&sfv=1-0-40&prev_scp=pos%3DMPU-3&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682124&lmt=1669520678&dlt=1669520680335&idt=580&adxs=1074&adys=1113&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=326x15&msz=326x15&fws=4&ohw=1600&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e2322a4caadef261d83772d418aa472139a97bc1a3b234c395e39c5f858b7c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11509
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 1616ms
1616ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542849748313698&correlator=1764726417195584&eid=31070881&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=115975610%2CMPU-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=14&adks=1515243669&sfv=1-0-40&prev_scp=pos%3DMPU-2&eri=1&cust_params=site%3Dmail.nitrotech.info&sc=1&cookie=ID%3Db0aa2a16cd2e247a%3AT%3D1669520680%3AS%3DALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA&gpic=UID%3D00000b88e316ed08%3AT%3D1669520680%3ART%3D1669520680%3AS%3DALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg&abxe=1&dt=1669520682127&lmt=1669520678&dlt=1669520680335&idt=580&adxs=1074&adys=1098&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmail.nitrotech.info%2F&frm=20&vis=1&psz=326x15&msz=326x15&fws=4&ohw=1600&ga_vid=1469647755.1669520681&ga_sid=1669520681&ga_hid=640089658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66bd9a769c3c5f3d5a2b77c18fca8ec6d548ae2233328dd229468aacc2e6667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11898
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.nitrotech.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 41ms
25ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e18077864966ee3feee81cc6332e1693eadbc8e3a4cd0c9d5ae92d78612560d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11234
x-xss-protection: 0

GET
H2 200 featured-3.jpg
i0.wp.com/nitrotech.info/wp-content/uploads/ 47 KB
47 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/nitrotech.info/wp-content/uploads/featured-3.jpg?w=900&ssl=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ea06e20e464957a95f881358f0ac26d1979b7bd966d7cd63f410c45c54de4420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 27 Nov 2022 03:44:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 20 Nov 2022 22:38:47 GMT
server: nginx
etag: "662d9a295dee7824"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://nitrotech.info/wp-content/uploads/featured-3.jpg>; rel="canonical"
content-length: 47894
expires: Wed, 20 Nov 2024 10:38:47 GMT

GET
H2 200 featured-windowscentral.jpg
i0.wp.com/nitrotech.info/wp-content/uploads/ 37 KB
37 KB 9ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/nitrotech.info/wp-content/uploads/featured-windowscentral.jpg?w=900&ssl=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f7e5cc2bc5cde96bd5ffb36f993d4d3cac05489cceb69cb534ae3eacb084eeab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 27 Nov 2022 03:44:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Nov 2022 12:53:06 GMT
server: nginx
etag: "d763beadb53935d7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://nitrotech.info/wp-content/uploads/featured-windowscentral.jpg>; rel="canonical"
content-length: 37666
expires: Tue, 05 Nov 2024 00:53:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 03:44:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 10E2 13 KB
5 KB 11ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:25:47 GMT
expires: Sun, 26 Nov 2023 21:25:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B939 783 B
1 KB 50ms
19ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b167134ba97bfb4ed3777099f1259775c0befbec5cc48bf390d6b1549b01e0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D6igaAd8aVQO0F0T2mnruA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-D6igaAd8aVQO0F0T2mnruA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:42 GMT
expires: Sun, 27 Nov 2022 03:44:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 10E2 36 KB
16 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 39EC 0
0

GET
H3 200 container.html Show response
a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B003 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:41 GMT
expires: Mon, 27 Nov 2023 03:44:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B656 624 B
245 B 36ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNX9OJdDEf3CEcTM98DznarBC7DjNl04Zbfk_Yc-sIMKnQeJkEWLHWrdldyzgm22tBvRgkFbLf4kIs5F47FXZk0uOlGAOURDrNZVY2MPA3iyKRMcI08-bVNP-owXfg_jbWV4E51Tcg47QluEXAWo-MMfYXFrK0j688WOpWG_s6g1By6kWwd0H4IyUALLbxVckNbikjqy

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:42 GMT
expires: Sun, 27 Nov 2022 03:44:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6DCB 15 KB
11 KB 55ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwHpCvC5PtMvkEKpbLkahcWQgZ_msl8cYUUlLK8vA7-ANKiHrvTQOWJFU_XPUY0GwmP7SuiNvgRFwIkKy-a7DB2JPGiCJKpHsTiTIfsmiyA1DoE4rvh3scVpybPaoECB2I8U_MLh6ykiSV_bRD2U2puuAlrLMxEWD7kauhSBFcPWH3KVg&cry=1&dbm_d=AKAmf-CjopDiMK2HOjOJ0cjOpR3FlWaswJLhI6b00sHqbljZkzjliOM5NJ-SvtRYWo5uo-bs877ysw7Sq0lILgJzbgt5kazIwdIuLsaRfRTH3KNmC1qt6RoBPBbr86LHQ8_DWmLTsswJeTp1Ywn85Aq0Wn2rqJUfsUg56f_qNr32ruZOArmwkAT7mknefNoyOH7jQyiyaDr9h6YICLj7qd40kHAUtlbPpoB3oRPwR4OyoTFm5ANQ9oRIWvc2Nws0iz5F8Q6FZdXSDhhPI-4Wl1I0uRQTN9EBWuUwqviHZEg-1TUsM8R8XWG9VT8PS4w6NH7S_dIAGAdBcfrcJHcFasdKEPDp2AxI1dgNiv6dfKlSE_m44jSG3FAenGuZNNvmzudJxYAdV8tq-zoQE7Yc_skBePY57xtRzeiMAYJVndYwgFBiDRGdMIPNO8wfilN-0aR_r940rJJwtGsBiczUTZXBIKN1uRgevYvc14L7Wsj4xNW4VeSZQ_qnaI3Gsqvb_6P2KxocDh6ntQRpABfQt7Xt5lOUfastaXiU0VhRaSt7Mt07Omhy5-OYq-q3Lww4-lVp7oepZChFsrTlYXB31zJoy8b2Fo7bGccTp07uWI7oOmPThGI06GWS9ifWYlxmsBkVw5HnlX72cJOiNe-Q1uZLyZB-p9JsJSXLeC6yXbReXMFi0KrD1CBRpCnVLnbKjS6B0qrml8mQEni0gGfIZyi1KTRHpkHfbrclJM6HsUiCZWWm6YqEXWROFV6U4LSWYshJjJQoW9nzpgFif3nK0bPGyaKlqUOjdeNfD7YpiXzg4lP-gkkpAxsMoS0ZQrz8WYJnmj0MPzgCaGLgP5sFrHjn1rjufHL6oI1LkG2rv4bLveky-w0i10ZH5WzhDk0tyuwO855lnpEAW82FsB1RqkgIQfzPjW8rZuamHUnuAkeQDKG83o5F-Efl4UycBih4tCNnB3P7K484gyglVLlA703BOKmLIt2iZL7ulRHaGTUBjxW-Now_38KgAYNR212-g06fNpD4MYKCkCSH-GMeunPLLhAfjHYIJHFdtvLAnXOLoKSWb4tYXQTZK934Yh-MQ7WSTMiFfp7wK3iqvech_dSiKpOfSn--jatmV2ICBWuvbyOFUGELN766HCm8oQcDCa1A26ctu1wgMUrrWhGl2DevmBn_hyINWd0C_64qRGxXfsLvp31k6QX6IqPbJwa6nygmDRdovuKACt9oGZVy3LER0XTqE_Kl4J-iue6sGnwmDP53vuvewPouPU1D-XIH6S8Ahz7aopu22tj3mxz4HP8BKSqlLKbT7r5Fjv0L3UU2mjaMnyU_14K-o7_PkNBsHxfcrMe4MczhkdwEoyBmpoFWFRQ1Tp8GSsxMXekUFOpdzFchfmH3tPs4zl4H9uhNNI1AneeaKujJJRLU9Luawt4Ojr5ivKQNWn596cs1t4ddSZnfcdAzVwB-BPc_FqGWuA1TR_eONLi2reTey5r5H37CDfDMCFv2DYshTmaqzeipBfToa7AIgyy7Y5eOXxnbN6TMrBQ-Xq8qWlcP-Xj70sll_vOvKQ-FXljbtru5FOVUSTjYV1B4PzSUvWV2Q7Udd7imTXAZanLp1WMtGj4w5LF3QhYiTz0sKbxSpHnfnk2bbHlX5eY4MFqdzSCZV9d3ITEfwc1M6Z0KAJ5o4avWDay7gORVVREOvZlgvTkrMII-P55P3Cbv4yjupvf6ILzQlsrjM-6HK2U1wAlVIlJLIEhqeJbLbe2nZNxKNgoQJzdvmJ-mXl7LLgrLKEfJviEeRPb9iXrh8be0CIoxugzE7HGsoP7S5t3cFMh-rSoISd1KM1JTgYH8gr57IwZXJTQjNNfzEXiwNITBvsiTaDZ2yzq2GlihlfJ3bKs1mlXC07Os_fRtZ_XDkvDcQqdvXYpnQKPbXFJRkdR0fjeDChKeMBh26PZaql5bQWwSVlO_gc4Fj3uSVXbTdirP_6sHoJfDY0EUKW1zUIFDDG1VFjb7YHM7HCz_AmJhCehU73PKG6y7amRKgVG1FvgdNUWH4axdrEsEKnUUcAO_bLWSRjrDpLukBNEhEFeOHMlVLJPtOu_yjVVGtWieXwpSEyEYh6DaKmDxpbBDv3rNl-UAFohbA8hHjAtbx5pg7EpB2sSkv5_3ossYKL85hJLYue9M3BxDb5C-JU2sgUmPipepdFzP7JT7sCwG_Jbz2WbjyNDTUSdBEmlpYETv8cqKJIpWdJ46gHfIDBt8DTkKUfKtWDHq5riPq_E-6QP4qGZTCQV4be1ASqKHc4rFhzOBpgcxNSGd9u8Uf6co4ckr_LWM1ZvssApaD3YeTuk1PZku6TvAxGoDPKdyN07cw7t5AMJibDmSMWqyAuUsWMJP_VjlQsyNglt2BphUC4b0ESkskQ-kCdLF4FKEQ42LVmu7t_yxoqPoMtnOls3d3K_wVS0J6XAfG4huunH8JPuEAH_PdmZU4bkAmpkVht6xwoiD0u5bpB8mHbz-eW-kYSDIHzwG8lNyTTE2Iyw_Xn3MEnV773ys1d8uPFmVN5PE1VlMl-ZajnjXjKsVuNkBE4koKNCm9olSrmat7uleYBgY1yWgkbnWZV6uR33dRBKX-QDXTmMKr4aKJsTlg_ftQcvfo7jY615ha7xGoQEQfZZkCc0TiS2NNoCKhELssSMooScRZ06pudDSvOEXUy274L-whjxMqI2zFRPOiVGX3IBCAzn0Zd_axnRPmzOmIAkyMoglaVKLxF138H_Da_KuX_haQhde9ZUjfB4JhzSpd4oxf3uYzzlDpOtaiG1grBEBdhRBX8ysy7pP_y5vZ1DoD52rJqOq_ZOEYkBAp6VOkf6sct4Vym8UZJy-K0islPirb8xm0jQE0IpIyXZoP1ccdMXc0A-eDXK2EnI3qAiru-9PWVMOmY-UAeDQPyNJ_QQk0lnFIoXVTTSho1fFJIZs-Y1yYA9xbGKNgOkoBUFHZAWl8pKuzxMNPgaGgB2SOcbcO2torLW_9CRChx8okM0w3H1SqxcRZvAYwWR-Row9RQz1whr2_fm0JOW33Zj3goM22riqJV1yD1jBynsmjGIVv80J8xAdwf8lcDgFf66JsSVlLSPNiBKoD7DSNg6zXYHYSENJ5b808LB2EX3y9gt79QcKY1LRIMDX0PKcfUa-r1TOA0T8wG3Hc6q0MqR_tV52Uj6c_QzzHSXNq8WTim_uIM5S_b7ynFNFucXrfDi5YVCezCXsgZ9YETwskL9FnOr4FBY59sB-Sla-g0pA2_1z7sa2_hbZFp4v7mxXlOL3tiHGRYbom74VAmNyymomGkk_gfG8Q9QRWfwK9cDIODUdyD2qXjoyL7q6l91XoFMmmOBfv8fxNzFewFYQ8x9Cvcc_n7dfeuWKctTpoG_N6dZ1A144Uz9a3O20lXP26SZqpVQFlZNFSeS8QwZ9KkkuQHk7Dj0idSaZattoDK5Zn2KMlax9c8GA0dMr5I4MwUqrjK7gUw&cid=CAQSPADq26N9Zw4dTaMCN2QhQTRI4X5t6mN_fcpnzztIJnb1HUVgDSoipNREB_J86WXwXIDewtWsa52GEsQVThgBIBM&rfl=2%2Chttps%253A%252F%252Fmail.nitrotech.info%252F%240

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b61af222a5710cf41a4ffac805cca7bd9ca51e81b8cedd8b7d44a270b8df348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11149
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6DCB 28 KB
11 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 27 Nov 2022 04:31:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6DCB 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6DCB 18 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6DCB 0
0 36ms
17ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoc5elzuxcFJkgWago4qaZzPoHezUKpSBSZTgYEgg738ZgPd-HTg3CogOHeBVIHPJZvLbuahNk9qrh8C6IoTh3WuWzSQ
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DCB 154 KB
47 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 03:44:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DCB 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DuEWbvliGGX0iebkeyoSe_sZQdZA--ARIjthPif7C81q28eqRaIG_R2d9qS7PjFvqTl26vaavuQcA8qSNsW9TKRWuTBi0pTDC1WTf6E8fmfMgO3Pg

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B939 0
0 49ms
49ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1542849748313698&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B656
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNX9OJdDEf3CEcTM98DznarBC7DjNl04Zbfk_Yc-sIMKnQeJkEWLHWrdldyzgm22tBvRgkFbLf4kIs5F47FXZk0uOlGAOURDrNZVY2MPA3iyKRMcI08-bVNP-owXfg_jbWV4E51Tcg47QluEXAWo-MMfYXFrK0j688WOpWG_s6g1By6kWwd0H4IyUALLbxVckNbikjqy
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B656
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4LdKaqhx5T4mb9vCLk.8wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNX9OJdDEf3CEcTM98DznarBC7DjNl04Zbfk_Yc-sIMKnQeJkEWLHWrdldyzgm22tBvRgkFbLf4kIs5F47FXZk0uOlGAOURDrNZVY2MPA3iyKRMcI08-bVNP-owXfg_jbWV4E51Tcg47QluEXAWo-MMfYXFrK0j688WOpWG_s6g1By6kWwd0H4IyUALLbxVckNbikjqy
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMH5lC0TQ5_TIUg4MIHhnQA&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B656
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIWFymkoYb3ciS5aBS2H0LE&google_cver=1

43 B
1016 B

18ms
17ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIWFymkoYb3ciS5aBS2H0LE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ2OXN-AMYvM-H2gEwAQ&v=APEucNX9OJdDEf3CEcTM98DznarBC7DjNl04Zbfk_Yc-sIMKnQeJkEWLHWrdldyzgm22tBvRgkFbLf4kIs5F47FXZk0uOlGAOURDrNZVY2MPA3iyKRMcI08-bVNP-owXfg_jbWV4E51Tcg47QluEXAWo-MMfYXFrK0j688WOpWG_s6g1By6kWwd0H4IyUALLbxVckNbikjqy

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:42 GMT
AN-X-Request-Uuid: a732b420-7f3e-4374-87a1-cdc2c5efbace
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIWFymkoYb3ciS5aBS2H0LE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B656
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4MTQ0NjA4Mzc1MTk1MDk1OQ%3D%3D

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4MTQ0NjA4Mzc1MTk1MDk1OQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:42 GMT
AN-X-Request-Uuid: e492ee1d-5e4e-4a4f-90fe-6b574df413ce
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4MTQ0NjA4Mzc1MTk1MDk1OQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 10E2 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iivCyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6DCB 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwHpCvC5PtMvkEKpbLkahcWQgZ_msl8cYUUlLK8vA7-ANKiHrvTQOWJFU_XPUY0GwmP7SuiNvgRFwIkKy-a7DB2JPGiCJKpHsTiTIfsmiyA1DoE4rvh3scVpybPaoECB2I8U_MLh6ykiSV_bRD2U2puuAlrLMxEWD7kauhSBFcPWH3KVg&cry=1&dbm_d=AKAmf-CjopDiMK2HOjOJ0cjOpR3FlWaswJLhI6b00sHqbljZkzjliOM5NJ-SvtRYWo5uo-bs877ysw7Sq0lILgJzbgt5kazIwdIuLsaRfRTH3KNmC1qt6RoBPBbr86LHQ8_DWmLTsswJeTp1Ywn85Aq0Wn2rqJUfsUg56f_qNr32ruZOArmwkAT7mknefNoyOH7jQyiyaDr9h6YICLj7qd40kHAUtlbPpoB3oRPwR4OyoTFm5ANQ9oRIWvc2Nws0iz5F8Q6FZdXSDhhPI-4Wl1I0uRQTN9EBWuUwqviHZEg-1TUsM8R8XWG9VT8PS4w6NH7S_dIAGAdBcfrcJHcFasdKEPDp2AxI1dgNiv6dfKlSE_m44jSG3FAenGuZNNvmzudJxYAdV8tq-zoQE7Yc_skBePY57xtRzeiMAYJVndYwgFBiDRGdMIPNO8wfilN-0aR_r940rJJwtGsBiczUTZXBIKN1uRgevYvc14L7Wsj4xNW4VeSZQ_qnaI3Gsqvb_6P2KxocDh6ntQRpABfQt7Xt5lOUfastaXiU0VhRaSt7Mt07Omhy5-OYq-q3Lww4-lVp7oepZChFsrTlYXB31zJoy8b2Fo7bGccTp07uWI7oOmPThGI06GWS9ifWYlxmsBkVw5HnlX72cJOiNe-Q1uZLyZB-p9JsJSXLeC6yXbReXMFi0KrD1CBRpCnVLnbKjS6B0qrml8mQEni0gGfIZyi1KTRHpkHfbrclJM6HsUiCZWWm6YqEXWROFV6U4LSWYshJjJQoW9nzpgFif3nK0bPGyaKlqUOjdeNfD7YpiXzg4lP-gkkpAxsMoS0ZQrz8WYJnmj0MPzgCaGLgP5sFrHjn1rjufHL6oI1LkG2rv4bLveky-w0i10ZH5WzhDk0tyuwO855lnpEAW82FsB1RqkgIQfzPjW8rZuamHUnuAkeQDKG83o5F-Efl4UycBih4tCNnB3P7K484gyglVLlA703BOKmLIt2iZL7ulRHaGTUBjxW-Now_38KgAYNR212-g06fNpD4MYKCkCSH-GMeunPLLhAfjHYIJHFdtvLAnXOLoKSWb4tYXQTZK934Yh-MQ7WSTMiFfp7wK3iqvech_dSiKpOfSn--jatmV2ICBWuvbyOFUGELN766HCm8oQcDCa1A26ctu1wgMUrrWhGl2DevmBn_hyINWd0C_64qRGxXfsLvp31k6QX6IqPbJwa6nygmDRdovuKACt9oGZVy3LER0XTqE_Kl4J-iue6sGnwmDP53vuvewPouPU1D-XIH6S8Ahz7aopu22tj3mxz4HP8BKSqlLKbT7r5Fjv0L3UU2mjaMnyU_14K-o7_PkNBsHxfcrMe4MczhkdwEoyBmpoFWFRQ1Tp8GSsxMXekUFOpdzFchfmH3tPs4zl4H9uhNNI1AneeaKujJJRLU9Luawt4Ojr5ivKQNWn596cs1t4ddSZnfcdAzVwB-BPc_FqGWuA1TR_eONLi2reTey5r5H37CDfDMCFv2DYshTmaqzeipBfToa7AIgyy7Y5eOXxnbN6TMrBQ-Xq8qWlcP-Xj70sll_vOvKQ-FXljbtru5FOVUSTjYV1B4PzSUvWV2Q7Udd7imTXAZanLp1WMtGj4w5LF3QhYiTz0sKbxSpHnfnk2bbHlX5eY4MFqdzSCZV9d3ITEfwc1M6Z0KAJ5o4avWDay7gORVVREOvZlgvTkrMII-P55P3Cbv4yjupvf6ILzQlsrjM-6HK2U1wAlVIlJLIEhqeJbLbe2nZNxKNgoQJzdvmJ-mXl7LLgrLKEfJviEeRPb9iXrh8be0CIoxugzE7HGsoP7S5t3cFMh-rSoISd1KM1JTgYH8gr57IwZXJTQjNNfzEXiwNITBvsiTaDZ2yzq2GlihlfJ3bKs1mlXC07Os_fRtZ_XDkvDcQqdvXYpnQKPbXFJRkdR0fjeDChKeMBh26PZaql5bQWwSVlO_gc4Fj3uSVXbTdirP_6sHoJfDY0EUKW1zUIFDDG1VFjb7YHM7HCz_AmJhCehU73PKG6y7amRKgVG1FvgdNUWH4axdrEsEKnUUcAO_bLWSRjrDpLukBNEhEFeOHMlVLJPtOu_yjVVGtWieXwpSEyEYh6DaKmDxpbBDv3rNl-UAFohbA8hHjAtbx5pg7EpB2sSkv5_3ossYKL85hJLYue9M3BxDb5C-JU2sgUmPipepdFzP7JT7sCwG_Jbz2WbjyNDTUSdBEmlpYETv8cqKJIpWdJ46gHfIDBt8DTkKUfKtWDHq5riPq_E-6QP4qGZTCQV4be1ASqKHc4rFhzOBpgcxNSGd9u8Uf6co4ckr_LWM1ZvssApaD3YeTuk1PZku6TvAxGoDPKdyN07cw7t5AMJibDmSMWqyAuUsWMJP_VjlQsyNglt2BphUC4b0ESkskQ-kCdLF4FKEQ42LVmu7t_yxoqPoMtnOls3d3K_wVS0J6XAfG4huunH8JPuEAH_PdmZU4bkAmpkVht6xwoiD0u5bpB8mHbz-eW-kYSDIHzwG8lNyTTE2Iyw_Xn3MEnV773ys1d8uPFmVN5PE1VlMl-ZajnjXjKsVuNkBE4koKNCm9olSrmat7uleYBgY1yWgkbnWZV6uR33dRBKX-QDXTmMKr4aKJsTlg_ftQcvfo7jY615ha7xGoQEQfZZkCc0TiS2NNoCKhELssSMooScRZ06pudDSvOEXUy274L-whjxMqI2zFRPOiVGX3IBCAzn0Zd_axnRPmzOmIAkyMoglaVKLxF138H_Da_KuX_haQhde9ZUjfB4JhzSpd4oxf3uYzzlDpOtaiG1grBEBdhRBX8ysy7pP_y5vZ1DoD52rJqOq_ZOEYkBAp6VOkf6sct4Vym8UZJy-K0islPirb8xm0jQE0IpIyXZoP1ccdMXc0A-eDXK2EnI3qAiru-9PWVMOmY-UAeDQPyNJ_QQk0lnFIoXVTTSho1fFJIZs-Y1yYA9xbGKNgOkoBUFHZAWl8pKuzxMNPgaGgB2SOcbcO2torLW_9CRChx8okM0w3H1SqxcRZvAYwWR-Row9RQz1whr2_fm0JOW33Zj3goM22riqJV1yD1jBynsmjGIVv80J8xAdwf8lcDgFf66JsSVlLSPNiBKoD7DSNg6zXYHYSENJ5b808LB2EX3y9gt79QcKY1LRIMDX0PKcfUa-r1TOA0T8wG3Hc6q0MqR_tV52Uj6c_QzzHSXNq8WTim_uIM5S_b7ynFNFucXrfDi5YVCezCXsgZ9YETwskL9FnOr4FBY59sB-Sla-g0pA2_1z7sa2_hbZFp4v7mxXlOL3tiHGRYbom74VAmNyymomGkk_gfG8Q9QRWfwK9cDIODUdyD2qXjoyL7q6l91XoFMmmOBfv8fxNzFewFYQ8x9Cvcc_n7dfeuWKctTpoG_N6dZ1A144Uz9a3O20lXP26SZqpVQFlZNFSeS8QwZ9KkkuQHk7Dj0idSaZattoDK5Zn2KMlax9c8GA0dMr5I4MwUqrjK7gUw&cid=CAQSPADq26N9Zw4dTaMCN2QhQTRI4X5t6mN_fcpnzztIJnb1HUVgDSoipNREB_J86WXwXIDewtWsa52GEsQVThgBIBM&rfl=2%2Chttps%253A%252F%252Fmail.nitrotech.info%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 6DCB 60 KB
23 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 16:31:11 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6ECF 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 141651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 B28933254.351700111;dc_ver=92.271;sz=728x90;u_sd=1;dc_adk=1761367589;ord=7nfjk0;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvS_DKt2CY8jjCKO17_UPhrOXsAa6h4bJbZGxmozu... Show response
ad.doubleclick.net/ddm/adj/N718661.279382DBMPMPRECISION-FCA/ Frame 6DCB 67 KB
28 KB 101ms
83ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N718661.279382DBMPMPRECISION-FCA/B28933254.351700111;dc_ver=92.271;sz=728x90;u_sd=1;dc_adk=1761367589;ord=7nfjk0;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvS_DKt2CY8jjCKO17_UPhrOXsAa6h4bJbZGxmozuEOLc6JnLARABIJPcnHNglYKJgpgHyAEJqQL9XeJ6n3CxPqgDAaoEngJP0A-W-Sn4LPXwd-kMy6n7eUo1wgGrWFtTypTztDLPoJg2XULAKAtRaxgdBeZ5ohmMnHHVcjJ1tRA9phpQ4zEsAv8vaWzDvzuWgX3sRzFY1xwRCpln9iZHJueWGZrnCzIDcdxVlKkzpYoqWBZH9CM8ml--Koz0wiEt7SCvDE-jqk-JMlPubk9MOyENP3hsoUtEOUalg7-uRSBNGL6-xfnCFNu4DpR6Aa8DiVSLFCOmahBs9O3Gv-ylqsUNkIoSEbAZJ1TI33HiMvRc3sTkZ_9eRcISDKGuHED8dT0tqQLFR4SR_ZJXgKoi178qOl7Ky8OeJh8IEIPUicKZBXECCRkKJevk8MjzdFk5rG-odVXjhDbGgeIeuqum6ewVgF_zwATTr46mogTgBAOQBgGgBk2AB5nLhtMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO7r54RyBOR5LjhA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9Zw4dTaMCN2QhQTRI4X5t6mN_fcpnzztIJnb1HUVgDSoipNREB_J86WXwXIDewtWsa52GEsQVThgBIBM%26sig%3DAOD64_1ykqMNGaji8shw1jLfOSh6i0WViA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-AZiS023zpDKoVmh4viJ5Dv3LB_KiUFgsgjtQB9bKM-qJ_GPP0CYvFvgaFCWYtrvdvvUk5nWXE45EcqVTJILcVP2CxRVfgfXcy-5sCJn2a7GF5yvCOapUwb50lpqznFaMVYkM9sQoeYnd3wsisWZ11vWNKMS7dG84vA-luoknKYV1rAbHo%26cry%3D1%26dbm_d%3DAKAmf-D5Xoaw3FI7SIlm337dsPymPrDOqw9aoOcVOliRrcVACZtJpwp-19V4zOXgxBtwYrNdZlrmjyI0WV4fZXaTV4iSMv0pYEh4qxicUtAC4EEiOeqkW6aD_JDGQE3HrICyWrsvajWmAj3LXxSzFI89AVuTcjjBA-8xxMS283sx52oemxexKLCegs_yJsxKoHidls9ReKOHe2kUMn7PNbrde9jtj0b6DvBqnFvUeHAIHyBl-K6EHMOHiAMjGmFebFKL7pXw4l9UgFBO7AzqcBS8-H2Hwfb5oOC6RMtzPb2SAzQgltVbxhPYAguUOxkGEgNZifqNIam1IMMkUGpHnmJ0OoKU33TxBCqSAuXZhVoBKwkWym4luq59DhUdRXXDwu8N_sdrtAl12X7ethwBlYpJEGm-BvuJMw5EMhsfqKygpp3VdzbSkAIjB3xdF5ihSGSN22bnfsjyBfOt3GhGgmbD74IPpdIqZ8lSXwYTzj8swgre1tsHoDVxxZztly6rOTgS305Fu35h2AMJ8Rt_K-dxvvt5lORBAhWK7vGGPlgFg8YgmMKU4SM%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fmail.nitrotech.info%2F$0;xdt=1;crlt=x(.MqSpCVX;stc=1;chaa=1;sttr=27;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

b4cda0e60f723db24dc30c2b7f75d6dcc581d2573b0238226436812c9ec9911c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 6ECF 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6ECF 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bqp7gKt2CY_n2GYScgAfs8aaYAwAAAAA4AeAEAg&bg=!mpmlmd3NAAbvMpMzzzI7ACkAdvg8Wm-hWvOk7gT4RSEaH0G0-gdvF2FNU3b4KR9hLpk1OlQQVIXgSwIAAABJUgAAAANoAQeZAz2YdMIerud79vXYl9Da0nA1sgBb16h72RLwcUMfEEy92ESY0DVxyQhQAAx7ID1ib4KZ7u68rRsnJRlJWdJ4_HheCu735u94j7WJquH80Phs4s6p_TVAgwx6x6E9-GR1Sk7FmQiaK8kN9Lul_emxIDi_zE4vppphFcPv_f-HhCbIB1H0Tfnb_QTl0VYw2SPQxw-lhKnrlc0Aqai1GcJ2aWxT-5gz0d2dVsJROc6OE1Bc2oIuAEcsGOthv6JSHWmtSHQsnGMnJMykECoVdcYR_ddGJc3WNooCRe3YNfXoH34_FvWoFA9p1NpPX5r0z59QvHNtgRojlEM_1x9vSbIILHvJecM2MkqIZLpLtIwzz_rrE3Kd8_QpkubBRpnvf4Cd8ZXqx6w-se7IGXEnYHXSDx_c5eoR9L_ksRbttI9cYMPK-gsx0bmcR701jHXJc_Al4yBmCUYJG_rVTBGAJ8Sx-SkOQ5jiCz5HKRoeB2XYTvC80FDgee9BoyWWgN1D7VHtWT-sPr_UdA41GlDIfWOWbd9LR-DdSwjWRIiKwCF5XA7w3AmdstdrvTeLwbJhHuZyebifyRUzs3N8TeeNJ_V4w0d9zTOx-D6H9UV_03au_YVI0I21f7zkAmB1deEmEM_4gcRvqM4RP8ET1NGkJIDkd3lvNt-sXKm1g9mVfu2roy7SX5omDNs--l72aTts6jDRoDraHArkcRy6Q-FpPeldkn0nfLIEWHPTfeNcDkESeTXHmTQBjFMFHl9jA95yaFUGcDPv4_r2_gGzjFVgXU6yq5SLZ55_ET6uBNNFB4ZDPuCyRA0Zn1Lm93OEwpxnxyAk7D8pPT_myfEFnjipuUZhSK-yySjVWsgqWOk6NhTdKsY7J2COzxp--WzWpv_gjWRO9bzMrSmGMySPvgmjHv6tkPmARo2joDgfKvGKYSdprc7RBHLA3hEwft7zUDtVNiMWk-cLZIE9URg0l6ymsGr0a7ScYNV4wVJYSQTQs1QGGesOSBfiCkXTZpy6BY8BefXYJvPV_vFomCr4f8LTDpeFccNJiOnGHG8BEw3gpjcSbUQUYEc-ncbvvQ08SZJqMqEvJrb10vbbILAS6RKNj2BV

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6DCB 106 KB
37 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Origin: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 6DCB 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N718661.279382DBMPMPRECISION-FCA/B28933254.351700111;dc_ver=92.271;sz=728x90;u_sd=1;dc_adk=1761367589;ord=7nfjk0;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvS_DKt2CY8jjCKO17_UPhrOXsAa6h4bJbZGxmozuEOLc6JnLARABIJPcnHNglYKJgpgHyAEJqQL9XeJ6n3CxPqgDAaoEngJP0A-W-Sn4LPXwd-kMy6n7eUo1wgGrWFtTypTztDLPoJg2XULAKAtRaxgdBeZ5ohmMnHHVcjJ1tRA9phpQ4zEsAv8vaWzDvzuWgX3sRzFY1xwRCpln9iZHJueWGZrnCzIDcdxVlKkzpYoqWBZH9CM8ml--Koz0wiEt7SCvDE-jqk-JMlPubk9MOyENP3hsoUtEOUalg7-uRSBNGL6-xfnCFNu4DpR6Aa8DiVSLFCOmahBs9O3Gv-ylqsUNkIoSEbAZJ1TI33HiMvRc3sTkZ_9eRcISDKGuHED8dT0tqQLFR4SR_ZJXgKoi178qOl7Ky8OeJh8IEIPUicKZBXECCRkKJevk8MjzdFk5rG-odVXjhDbGgeIeuqum6ewVgF_zwATTr46mogTgBAOQBgGgBk2AB5nLhtMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBO7r54RyBOR5LjhA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9Zw4dTaMCN2QhQTRI4X5t6mN_fcpnzztIJnb1HUVgDSoipNREB_J86WXwXIDewtWsa52GEsQVThgBIBM%26sig%3DAOD64_1ykqMNGaji8shw1jLfOSh6i0WViA%26client%3Dca-pub-8473763341054993%26dbm_c%3DAKAmf-AZiS023zpDKoVmh4viJ5Dv3LB_KiUFgsgjtQB9bKM-qJ_GPP0CYvFvgaFCWYtrvdvvUk5nWXE45EcqVTJILcVP2CxRVfgfXcy-5sCJn2a7GF5yvCOapUwb50lpqznFaMVYkM9sQoeYnd3wsisWZ11vWNKMS7dG84vA-luoknKYV1rAbHo%26cry%3D1%26dbm_d%3DAKAmf-D5Xoaw3FI7SIlm337dsPymPrDOqw9aoOcVOliRrcVACZtJpwp-19V4zOXgxBtwYrNdZlrmjyI0WV4fZXaTV4iSMv0pYEh4qxicUtAC4EEiOeqkW6aD_JDGQE3HrICyWrsvajWmAj3LXxSzFI89AVuTcjjBA-8xxMS283sx52oemxexKLCegs_yJsxKoHidls9ReKOHe2kUMn7PNbrde9jtj0b6DvBqnFvUeHAIHyBl-K6EHMOHiAMjGmFebFKL7pXw4l9UgFBO7AzqcBS8-H2Hwfb5oOC6RMtzPb2SAzQgltVbxhPYAguUOxkGEgNZifqNIam1IMMkUGpHnmJ0OoKU33TxBCqSAuXZhVoBKwkWym4luq59DhUdRXXDwu8N_sdrtAl12X7ethwBlYpJEGm-BvuJMw5EMhsfqKygpp3VdzbSkAIjB3xdF5ihSGSN22bnfsjyBfOt3GhGgmbD74IPpdIqZ8lSXwYTzj8swgre1tsHoDVxxZztly6rOTgS305Fu35h2AMJ8Rt_K-dxvvt5lORBAhWK7vGGPlgFg8YgmMKU4SM%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fmail.nitrotech.info%2F$0;xdt=1;crlt=x(.MqSpCVX;stc=1;chaa=1;sttr=27;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:31:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 71C8 1 KB
643 B 9ms
9ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Sun, 27 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 03DE 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 141651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 71C8 35 B
465 B 35ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL-JFYx_KtEJd_DSvjmiBg4&google_cver=1&google_push=ASkJ3FbSLC8IujERsLoyG3Kky6Q2Jsp8Vk9u-C6jYFJ7HgQp82-7-b7tl6lKUhELNs6mYCjrnwtvc8-8FLwO8sRdMC0bdYqce0b5

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 71C8 0
104 B 109ms
24ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECx_HGcl917G6lrPqQUUFnw&google_cver=1&google_push=ASkJ3FYnJ7X6q3etyyNFJuqrV-lkKkNJp4D4qro77pvFzY3-7zFSFBNGRW-Fh0fpXhMebnu2kZbfua1L6xF7zBL2zrxMX4ToeUMS
Requested by: Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 71C8 0
191 B 85ms
24ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEH2DENM0CIe-LJkJQhuWg0g&google_cver=1&google_push=ASkJ3FYCFcLy4xpwt1nPPpNVzL5wN7dCARElo1Dlx-go8k1gpHp6m76nalOiaIVASF01vfaLCskDdPO1dSTt-O3zta1yKcO4Cb8
Requested by: Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71C8
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvLFMU7KG2_yRbTxl9gsSk&google_cver=1&google_push=ASkJ3FY3Qe7qkX1pxh1HOoLrcJ8UpbOFOuAyc49YP8YbI0eVBAR10NsCRiWuOFsjE5dwiuG5xP_JQhrM1QFaZmLXfSdc...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIvLFMU7KG2_yRbTxl9gsSk&google_cver=1&google_push=ASkJ3FY3Qe7qkX1pxh1HOoLrcJ8UpbOFOuAyc49YP8YbI0eVBAR10NsCRiWuOFsjE5dwiuG5xP_JQhrM1QFaZm...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=5eb5cbf2-f9e4-4aeb-87cb-3f2dedae76db&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FY3Qe7qkX1pxh1HOoLrcJ8UpbOFOuAyc49YP8YbI0eVBAR10NsCRiWuOFsjE5dwiuG5xP_JQhrM1QFaZmLXfSdclD92EMI7&google_hm=tJ5iRnVdTsavYQH1A8YElA==

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FY3Qe7qkX1pxh1HOoLrcJ8UpbOFOuAyc49YP8YbI0eVBAR10NsCRiWuOFsjE5dwiuG5xP_JQhrM1QFaZmLXfSdclD92EMI7&google_hm=tJ5iRnVdTsavYQH1A8YElA==

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FY3Qe7qkX1pxh1HOoLrcJ8UpbOFOuAyc49YP8YbI0eVBAR10NsCRiWuOFsjE5dwiuG5xP_JQhrM1QFaZmLXfSdclD92EMI7&google_hm=tJ5iRnVdTsavYQH1A8YElA==
date: Sun, 27 Nov 2022 03:44:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71C8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ALOZU2DRTYGUV2MEJMNPwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ALOZU2DRTYGUV2MEJMNPwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FavnHMPzJVCpMbaUPxcgl88XHKyOXTDPi1Q1F8Lz1V2PjXbtQHiBrxyPGbiHwkQhP6L4ZIaU-RwjHB-mnL-QzdBdP97tj8

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ALOZU2DRTYGUV2MEJMNPwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FavnHMPzJVCpMbaUPxcgl88XHKyOXTDPi1Q1F8Lz1V2PjXbtQHiBrxyPGbiHwkQhP6L4ZIaU-RwjHB-mnL-QzdBdP97tj8
date: Sun, 27 Nov 2022 03:44:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71C8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIXpQDMfJNCQOzz40bZrYlE&google_cver=1&google_push=ASkJ3FayNhm1CXEM2SQohR5zI51EIIAHz0ClIINHZ9Z11kgnxUbP1y1S29nP-u9goWugUNB-HHy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZVElCQkwtMUotSVNBUA==&google_push=ASkJ3FayNhm1CXEM2SQohR5zI51EIIAHz0ClIINHZ9Z11kgnxUbP1y1S29nP-u9goWugUNB-HHyhxeRfcZd-2kZPcc3fic7SWC3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZVElCQkwtMUotSVNBUA==&google_push=ASkJ3FayNhm1CXEM2SQohR5zI51EIIAHz0ClIINHZ9Z11kgnxUbP1y1S29nP-u9goWugUNB-HHyhxeRfcZd-2kZPcc3fic7SWC3D

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZVElCQkwtMUotSVNBUA==&google_push=ASkJ3FayNhm1CXEM2SQohR5zI51EIIAHz0ClIINHZ9Z11kgnxUbP1y1S29nP-u9goWugUNB-HHyhxeRfcZd-2kZPcc3fic7SWC3D
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 71C8
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECwIChAqXSrx9cZYp9bU8zI&google_cver=1&google_push=ASkJ3Fa_z36IX6pU9N1XbR8EDU8wQKYn9SMIKFwYQXEwLrNKgUAzS2wVnZlqBt9Xzxb7CZfcCf1rowMEIdc...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fa_z36IX6pU9N1XbR8EDU8wQKYn9SMIKFwYQXEwLrNKgUAzS2wVnZlqBt9Xzxb7CZfcCf1rowMEIdcQtII2w_z-LVpIFBla
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

11ms
10ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 71C8 0
12 B 16ms
15ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KoxIRuOYvr0sqU-1YfDf1I0T8hjqWYLv2NK_IE0UF9nWZjAuoblPZ46qp21iL-_F6-dgVLig

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/12510176007469714084/728x90/ Frame CEA1 6 KB
2 KB 8ms
8ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c96fd9c5c8dff263d1f8f5163d4b84521a0f5cf402aed7b6edf75bb7bf7bb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 143356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2368
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 11:55:26 GMT
expires: Sat, 25 Nov 2023 11:55:26 GMT
last-modified: Wed, 16 Nov 2022 18:36:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6DCB 0
0 51ms
51ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3WxxEbLbKKyFxt-RGjO5kZmyIcAGf512FDXzrj-yT1dnhQoSFuYNEdrSBsoWOvZl9TMACn1J34Vq8az0IoaGSl4Kq6nr4lU77VN8wxcONmDvfFLe11p5rEBJ7SN9ptBcLkuGrvEX2I5ccahIlKozLvw_LMdIJK__rCR-j&sai=AMfl-YSGjjNBC6Rx10VhBUG-uWNt3i5xWCWQtnVjFyh5JQjfguO-h843pf-0XkaIFRbqKeEd1MSA-E_M-2UcIaKCkCBB7Gu1I9XJFF89skBJ&sig=Cg0ArKJSzPvWWnYdFqxCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=47&cbvp=1&cstd=46&cisv=r20221110.96588&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 03:44:42 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 03DE 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CEA1 236 KB
63 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 03:44:42 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/12510176007469714084/728x90/ Frame CEA1 60 KB
9 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.js?1665999625660

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de05e650b272365e0f6a7215ccc9c7a15200c3804b945d5467c10b2bd9e982a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8734
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 18:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:55:32 GMT

GET
H3 200 728x90_atlas_P_1.png
s0.2mdn.net/sadbundle/12510176007469714084/728x90/images/ Frame CEA1 8 KB
8 KB 8ms
7ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/images/728x90_atlas_P_1.png?1665999625613

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c35eb5ae37465e7b5a114042f046dfc210f0a1377dbb43df3e4813e1c9e68b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:32 GMT
x-content-type-options: nosniff
age: 143350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8244
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 18:36:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:55:32 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6DCB 0
0 140ms
140ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3WxxEbLbKKyFxt-RGjO5kZmyIcAGf512FDXzrj-yT1dnhQoSFuYNEdrSBsoWOvZl9TMACn1J34Vq8az0IoaGSl4Kq6nr4lU77VN8wxcONmDvfFLe11p5rEBJ7SN9ptBcLkuGrvEX2I5ccahIlKozLvw_LMdIJK__rCR-j&sai=AMfl-YSGjjNBC6Rx10VhBUG-uWNt3i5xWCWQtnVjFyh5JQjfguO-h843pf-0XkaIFRbqKeEd1MSA-E_M-2UcIaKCkCBB7Gu1I9XJFF89skBJ&sig=Cg0ArKJSzPvWWnYdFqxCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=117&vt=11&dtpt=70&dett=3&cstd=46&cisv=r20221110.96588&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 03:44:42 GMT

GET
H3 200 728x90_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/12510176007469714084/728x90/images/ Frame CEA1 42 KB
42 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/images/728x90_atlas_NP_1.jpg?1665999625613

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4af8a9146036a779b8bfaf12c74af241c507a1ddba408e4873e483453730d3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12510176007469714084/728x90/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:31 GMT
x-content-type-options: nosniff
age: 143351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43410
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 18:36:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:55:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03DE 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH_6SKt2CY8-TII-S3gP7uIXgBAAAAAA4AeAEAg&bg=!OzilOHzNAAbvMpMzzzI7ACkAdvg8WnDgBPow8LsfXrfU2-GVLhkz7qAH1QMPkMAfDEn25UiodmSr0wIAAABLUgAAAAJoAQeZA0Jv_e8C3F720vRcPn_5JHD-uQ3M8qaGuLGiAZfMO3Z6QSx1290Av2ExUp2b86OgaXiihYtXHZO1K0ZubIyCYyhWHPqlFWYbL7v2lIArVP2E2yKBLSIVJ7Fi_1xQ0QkxmNN6xvJDA7Tt_3n7eoSzJx_W1dCTyAEiE-q04RHD5RnZ6cIG2H5kj7Kukhgfkr-YUjRI0qq0FMWHlo7FUw5vZ7dzJhxIoM51GoG8qCZu3wjhFO1MjsXmZaIk66JDH1Z0BBsQyaB7ZSWTaUbVIieB5RyzD7kTDUAGR5kpfpHvGdWu7NLzl5sj61Nx7ThWaf4GrwTfDLVtEkiYLMHodV3N66iCi2dt3Yzx3o65fURcYPJHR9D91RTQUKBVL-cunRT8sxr4wbEk1LdrPHjXoVNGSpM9gSVN_AwqetLKf0RYv2lovfIMQQJoiRN_YIj-d_Cu8Awi9WwPOep5mBJ9b7K4ZFLMZkTRCYmvr8QtFZcpI0Np47Ycg6Dn2Uuj8l1OvEEptX5zKNusFTXEBj8rb7U-jzrtDA9T4KGDPmCKtL8rjfslJZOp6c8_YEIMCHuQWRnvdr2vBv81vyV5Ss8O1Kg8RCgDrvgSJhfu12eZtQ7UAatK93TYZO1oVB824l1ck-k-aV9wCYnKl9DZNc72qYaHBnvdCOIu959J5N3OpMRmEIoqFCP9OGG3IXcWu9e6jMtxqN2m1dOuQ_89YgKF_PeJWL7pMGcF_-BzKmqW73GQ6gRpVwj4_13Q4BiPy7DV3qlvSrmaa2K5jIKfAG4SLUm898RlQlt1YSUuoQjmDOfp6wZE2jmsBZqx9AylC-k80UjfrJ7lEv4qb_JUAfTUt6Qhy_g4BtyqjEnTFTFRRHUO6GUP2PutqYe2QMrG6i3OxaEhUk5Q4TvI50dmrWNpQ822B7N3mCZutbcMLmEvbkFaTDbIqgSgFUjyNX0qixMgyfnmIxASvg4d7SZCP5VDgChDpaFTl-Xgxbv4WwKYuzkfe6k2I4OT3jdNi5pS2S91VHc1VlIpWqWyllxzeej14hbPxC2JGnSuV8WtiYQZHz79CG3SjfM69JZzLhbFKgux0MBuYzC6_ArPBYSmvg9o8RfFsbKy3zw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1542849748313698&bg=!cnGlcTXNAAbvMpMzzzI7ACkAdvg8Wg_xnMwu910LRvajkVI1VSDzw6PTpk3C2DqXGKflkKFIz4AebAIAAABzUgAAAAJoAQeZAqsnKCS_Xfw1FdaPKbGZEGKHeYUiwQa27OmI96NPzMCLfTENmONDQBWB-OehOPTtBkdfGFvpWyipYoL_mveIpi6mEQlJg15eQ8OQr7uHpcv-3XpSxxXcE38qjwkR5BcQNrvRVnShMmFEyywrbLZwTW5vuqcFRhUKhNefu8EiCl0AfG0kEWA2BvqtCBin1cp4V5n1fVl8uVZ8ILEIAM5F8Ms_jpXUeo3B1ZsXAAIs956771Dq7J6rQDagk5az5VtZyeSLrxzHJr_uszmpj5Go8KyrgGTUsK0QIwLuM1E83FlvhAJD3WKdF6_8fEgs0iTLVbNSIhq1dywUiRITM3pJmaMRsC5R9gFcusB_IOjVcz0W9jziC-2Qayo6KfsWrn6R35LyyQURrrHXCAdHutg0jvNTiQKwkuo7Fs2O67ckCCl4-tc1qeSTwD6MT3igzOKBUOIsF8y_SLKxzO7V7nah6yejllOk2shvUM8B4SL6MQHiuM76sQuQP7ENCNmaD1JOgUVzADW7HujhBhTStlY8e0cXByZhk4H3ucW6ZdVU3FnHCrB6i7rCsBybLESyB1A7WN0ktdbx9Vj1I8TjmSRLsIOpdWvkSH8Rh_YPLzN2AGyF_h1ucgMNVuvUsC38N41atf1s3B4T0CS1_wbbBbPlB3sqLLD7ZSiqG020q-OwNT1G-ALUaUebjsAxnXrnWKmLhbIClG0beYx3XLkBrO2cSAejyG6kVlhyXUCScoZzzKMQ6R7DzV5GMR-n4-yRPkiil0_sjWO4jOHbBBMbjTOBkMQlGCTniVn58VlCdUFQUJG0dXy-KxJOiGgTg5X9hzKjGRfgC1YzuqvclWsmctpKAEdL0gKuOcQ14bb8U450E-xUcs4jWkCTNTTyuQj0o68WaEqZFwPYTzi4vbIh0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.nitrotech.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 container.html Show response
a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 003E 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:41 GMT
expires: Mon, 27 Nov 2023 03:44:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 003E 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8HU4K92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoEkgJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7ekNWAl9DQqHoRzGv6d39yOY7nQskQ7S-P2daSQiW1rypjqOhfzBT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg0NzM3NjMzNDEwNTQ5OTMYquca&sigh=CiJ4E1SPxEY&uach_m=[UACH]&cid=CAQSPADq26N9iRAtw_W4NbNd_eMuLHP_LNcxC2hLA-MQh4cqjSUIODn9kkLaofb0L1oiGJXnCuhpGQK-briS0xgBIBM
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 003E 0
0 44ms
19ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kttwr7fs5kpannmxd5cpvn8tqdx1wvvs5zp7frm3qg3pp3z1s419h18f5z6bg8te2wcjn5pye04y3se8zx9qg9dsf8wha4hq2ykbresrfpv2yn1vm1rvj2k7kw5swhqvc9e3jp6ywssdte6pzg6yc9qddx0x77a8y3h2zv7hhya9935362m8bgyevcgda4g382x43hj9y7z9rnfqyvyp2gkynbgk3e7n95dbzjpgbck4yzxt36qzb89as1nzdsv7wgt3vdfwfj3pyvfwd1c1dy8283ag2fjx8abbd7pyqnzqgj14ezrpm1bben887fcpq5nzgaqhbn01fnbe8zp9d33pq8z7d4hswy892424cy2bawc3arqvqcfp84xnj17fb8s8dq9mnfwh38&b=Y4LdKwAC9UMIu-vKAA0UKr2qjc3LCWilUS0QTQ
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 03:44:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 98FE 2 KB
3 KB 67ms
37ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gdwvr8djap733x4bfnxs23q5dc87c3zbds5s4cbf31xcya6x6macjjrmkg7jk6nhbnr0panptzv9dxnc0nsdrrh29d4jrzzn2ncjkwvce6jx8sg24eznpv5z5rde1bpbk40bqd0znbsxh877w588xd9rq3cep0p5ephn2jk9j7wycb9r5r3rze518g4d85n700n9mverjxen021t8xy2he76g8naf4b8z070gfznp2rnnympeqbmrdhv47tt4t4qmmf8cvm81ckjy792p0dzqhdb8rdqa0fn2635kjpskvmzya9gxqymgddwq63467hcqp2861zbyf90ad8fxk833sasrp6wzjazd1wzkrwddt89f540npkqx5564vr37442pb44v3jx8cmkydmgn8br24k7ywh87v2yhppx8xks3nggdb7zvh7txbfpnwm7rtb9gmxeqnngc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%26client%3Dca-pub-8473763341054993%26adurl%3D

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a07f9ff8217252d593f4c34fa3bb7adfa340b09700f19646ce6a2dd66a273194

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7707ddf03ce99176-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:43 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 003E 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 03A4 1 KB
644 B 8ms
8ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Sun, 27 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 003E 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 003E 0
0 16ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpgYdcJubqsIr0t9bZZbKLvP9lZMDg1v9S517uLdKb2ftIbQaLppLm5MnjPQbKzCsvWV5bnxnqYlF3AAFIGviPUjILrA
Requested by: Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 003E 24 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Nov 2023 11:28:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 003E 154 KB
47 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 03:44:43 GMT

GET
DATA 200
OK truncated
/ Frame 003E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34304974ef119f85497c2b6b302283d0e14093a83610de992de545cedc5bf50d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03A4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_push=ASkJ3Fb4KNRBp09AXcSDc5RpG62A0eHDsOTnnUfuBWU_HU6s5tKjCR1Aqq...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_push=ASkJ3Fb4KNRBp09AXcSDc5RpG62A0eHDsOTnnUfuBWU_HU6s5tKjCR1AqqQ-b-vEIXd8s47S9SGO4A_U0aJPeOJaGVORolKoihQ

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn4037-HHN
pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1669520684.604673,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_push=ASkJ3Fb4KNRBp09AXcSDc5RpG62A0eHDsOTnnUfuBWU_HU6s5tKjCR1AqqQ-b-vEIXd8s47S9SGO4A_U0aJPeOJaGVORolKoihQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03A4
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFUHk0so9ChU9_BYV1Q51HI&google_cver=1&google_push=ASkJ3FYAjGj2qJGSIOohNKSQWTcvi1UrQfYABv0a2zzejztJ90jIyXLjVa29RzI8RhAlcn6QORh7Q2L4E4cIB-0b...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=d-8hVuoITIOY5BnEidXelg2&google_push=ASkJ3FYAjGj2qJGSIOohNKSQWTcvi1UrQfYABv0a2zzejztJ90jIyXLjVa29RzI8RhAlcn6QORh7Q2L4E4cIB-0baWW08-f7Bz4

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=d-8hVuoITIOY5BnEidXelg2&google_push=ASkJ3FYAjGj2qJGSIOohNKSQWTcvi1UrQfYABv0a2zzejztJ90jIyXLjVa29RzI8RhAlcn6QORh7Q2L4E4cIB-0baWW08-f7Bz4

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 27 Nov 2022 03:44:43 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=d-8hVuoITIOY5BnEidXelg2&google_push=ASkJ3FYAjGj2qJGSIOohNKSQWTcvi1UrQfYABv0a2zzejztJ90jIyXLjVa29RzI8RhAlcn6QORh7Q2L4E4cIB-0baWW08-f7Bz4
x-host: tde-deliveryengine-production-58fd8bff8b-n7k77
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03A4
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvLFMU7KG2_yRbTxl9gsSk&google_cver=1&google_push=ASkJ3Fanv_WkRWW6gH48Plz123zvDwiQpCq9zKiUy-csYfb2TVPjAAc4qlO8j5Pdp4PWpw7HOCrFpWz9NEkc9fdAq0da...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fanv_WkRWW6gH48Plz123zvDwiQpCq9zKiUy-csYfb2TVPjAAc4qlO8j5Pdp4PWpw7HOCrFpWz9NEkc9fdAq0da3pbIKcc&google_hm=tJ5iRnVdTsavYQH1A8YElA==

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fanv_WkRWW6gH48Plz123zvDwiQpCq9zKiUy-csYfb2TVPjAAc4qlO8j5Pdp4PWpw7HOCrFpWz9NEkc9fdAq0da3pbIKcc&google_hm=tJ5iRnVdTsavYQH1A8YElA==

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3Fanv_WkRWW6gH48Plz123zvDwiQpCq9zKiUy-csYfb2TVPjAAc4qlO8j5Pdp4PWpw7HOCrFpWz9NEkc9fdAq0da3pbIKcc&google_hm=tJ5iRnVdTsavYQH1A8YElA==
date: Sun, 27 Nov 2022 03:44:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03A4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDJsCae0p0GV-jZHMdX38iA&google_cver=1&google_push=ASkJ3FbiDQjDqnYR3KdIkDwS95Wm4VFNSEZVKZTl75OouZ4YZMWF7V7ppZMs8UUqk4rHtVEq5gKzBtsw...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDJsCae0p0GV-jZHMdX38iA&google_cver=1&google_push=ASkJ3FbiDQjDqnYR3KdIkDwS95Wm4VFNSEZVKZTl75OouZ4YZMWF7V7ppZMs8UUqk4rHtVEq5gK...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzI4ODIzMzk3Mzc2MDk1Nzc0NQ&google_push=ASkJ3FbiDQjDqnYR3KdIkDwS95Wm4VFNSEZVKZTl75OouZ4YZMWF7V7ppZMs8UUqk4rHtVEq5gKzBt...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzI4ODIzMzk3Mzc2MDk1Nzc0NQ&google_push=ASkJ3FbiDQjDqnYR3KdIkDwS95Wm4VFNSEZVKZTl75OouZ4YZMWF7V7ppZMs8UUqk4rHtVEq5gKzBtswN4oF-Dt5QGf0q9GU1g

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzI4ODIzMzk3Mzc2MDk1Nzc0NQ&google_push=ASkJ3FbiDQjDqnYR3KdIkDwS95Wm4VFNSEZVKZTl75OouZ4YZMWF7V7ppZMs8UUqk4rHtVEq5gKzBtswN4oF-Dt5QGf0q9GU1g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03A4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIXpQDMfJNCQOzz40bZrYlE&google_cver=1&google_push=ASkJ3FYPw438gSngFIA0tyRY2ViicKsieR2oejOmilhCRB0EucvNzJXW9bemQkRpZ9UiQKAcYuS...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZVElCWkEtMUYtODc4MQ==&google_push=ASkJ3FYPw438gSngFIA0tyRY2ViicKsieR2oejOmilhCRB0EucvNzJXW9bemQkRpZ9UiQKAcYuS8Pa8uKIzn9jGcI9E8D1RQoHc

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZVElCWkEtMUYtODc4MQ==&google_push=ASkJ3FYPw438gSngFIA0tyRY2ViicKsieR2oejOmilhCRB0EucvNzJXW9bemQkRpZ9UiQKAcYuS8Pa8uKIzn9jGcI9E8D1RQoHc

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZVElCWkEtMUYtODc4MQ==&google_push=ASkJ3FYPw438gSngFIA0tyRY2ViicKsieR2oejOmilhCRB0EucvNzJXW9bemQkRpZ9UiQKAcYuS8Pa8uKIzn9jGcI9E8D1RQoHc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03A4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FZvgXngVfp66H0jQzHdKrAOqNi70BD0-...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FZvgXngVfp66H0jQzHdKrAOqNi70BD0-ZeX3n32c5PRFjDtEQxdj8DVbJTVzliGNnSwaeq68t4de3Wu6xSw_TqJNZetYdU

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qprssjlq5o8KBObzWST5w7OZQuyZ%2BgB1QIMU6E420IITIkaQ4BuInWB6sC9I7OT7VMOkfbZhTh10FiFi128VEz8l%2F04w50UtecsDU7OyzRA2yLGi5PVsSLexUQF3zkcPcK36%2F%2BpAYCTDdw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FZvgXngVfp66H0jQzHdKrAOqNi70BD0-ZeX3n32c5PRFjDtEQxdj8DVbJTVzliGNnSwaeq68t4de3Wu6xSw_TqJNZetYdU
cache-control: no-cache
cf-ray: 7707ddf069819010-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 03A4
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDcGgwna-qLd6H-xEnx4y-o&google_cver=1&google_push=ASkJ3Fb7PKGYkMna8n0ffjYoqtUWsGgQtAYaYksZQU2UmxgN_oruwHdjgDLYaNzL0E63zxRG6pI6ZRPqke6_tZoqH...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDcGgwna-qLd6H-xEnx4y-o&google_cver=1&google_push=ASkJ3Fb7PKGYkMna8n0ffjYoqtUWsGgQtAYaYksZQU2UmxgN_oruwHdjgDLYaNzL0E63zxRG6pI6ZRPqke6_tZoqH...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fb7PKGYkMna8n0ffjYoqtUWsGgQtAYaYksZQU2UmxgN_oruwHdjgDLYaNzL0E63zxRG6pI6ZRPqke6_tZoqHqrpu9CvjtY&google_hm=FuCAuGZHjKsKXzj2QrCLdslB

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fb7PKGYkMna8n0ffjYoqtUWsGgQtAYaYksZQU2UmxgN_oruwHdjgDLYaNzL0E63zxRG6pI6ZRPqke6_tZoqHqrpu9CvjtY&google_hm=FuCAuGZHjKsKXzj2QrCLdslB

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 27 Nov 2022 03:44:43 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3Fb7PKGYkMna8n0ffjYoqtUWsGgQtAYaYksZQU2UmxgN_oruwHdjgDLYaNzL0E63zxRG6pI6ZRPqke6_tZoqHqrpu9CvjtY&google_hm=FuCAuGZHjKsKXzj2QrCLdslB
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 03A4 0
12 B 17ms
15ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KIcLg-lgEKdAOHrDQj_s6e3p0KY_djjbDA9ymJALaJUWf4bCaxTmObNwJSNMSHe8F2jKmw

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 98FE 89 KB
12 KB 34ms
21ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gdwvr8djap733x4bfnxs23q5dc87c3zbds5s4cbf31xcya6x6macjjrmkg7jk6nhbnr0panptzv9dxnc0nsdrrh29d4jrzzn2ncjkwvce6jx8sg24eznpv5z5rde1bpbk40bqd0znbsxh877w588xd9rq3cep0p5ephn2jk9j7wycb9r5r3rze518g4d85n700n9mverjxen021t8xy2he76g8naf4b8z070gfznp2rnnympeqbmrdhv47tt4t4qmmf8cvm81ckjy792p0dzqhdb8rdqa0fn2635kjpskvmzya9gxqymgddwq63467hcqp2861zbyf90ad8fxk833sasrp6wzjazd1wzkrwddt89f540npkqx5564vr37442pb44v3jx8cmkydmgn8br24k7ywh87v2yhppx8xks3nggdb7zvh7txbfpnwm7rtb9gmxeqnngc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gdwvr8djap733x4bfnxs23q5dc87c3zbds5s4cbf31xcya6x6macjjrmkg7jk6nhbnr0panptzv9dxnc0nsdrrh29d4jrzzn2ncjkwvce6jx8sg24eznpv5z5rde1bpbk40bqd0znbsxh877w588xd9rq3cep0p5ephn2jk9j7wycb9r5r3rze518g4d85n700n9mverjxen021t8xy2he76g8naf4b8z070gfznp2rnnympeqbmrdhv47tt4t4qmmf8cvm81ckjy792p0dzqhdb8rdqa0fn2635kjpskvmzya9gxqymgddwq63467hcqp2861zbyf90ad8fxk833sasrp6wzjazd1wzkrwddt89f540npkqx5564vr37442pb44v3jx8cmkydmgn8br24k7ywh87v2yhppx8xks3nggdb7zvh7txbfpnwm7rtb9gmxeqnngc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%26client%3Dca-pub-8473763341054993%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 283584
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WpA9Vt8RxKvmYUSyFQjB7KN8ROvGAagW4fg9GE3YBmCLNc%2BdtaO9GRkwZ94ESzQelABhaIT6xjV90YLVHALgbTHG9tjUda9GuX8v7NsR5RSbzIIvt0pKwUpl4c%2FrBIAjuLJOeUKNQM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7707ddf09bc992a7-FRA
expires: Sun, 27 Nov 2022 04:44:43 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 98FE 35 KB
12 KB 30ms
21ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gdwvr8djap733x4bfnxs23q5dc87c3zbds5s4cbf31xcya6x6macjjrmkg7jk6nhbnr0panptzv9dxnc0nsdrrh29d4jrzzn2ncjkwvce6jx8sg24eznpv5z5rde1bpbk40bqd0znbsxh877w588xd9rq3cep0p5ephn2jk9j7wycb9r5r3rze518g4d85n700n9mverjxen021t8xy2he76g8naf4b8z070gfznp2rnnympeqbmrdhv47tt4t4qmmf8cvm81ckjy792p0dzqhdb8rdqa0fn2635kjpskvmzya9gxqymgddwq63467hcqp2861zbyf90ad8fxk833sasrp6wzjazd1wzkrwddt89f540npkqx5564vr37442pb44v3jx8cmkydmgn8br24k7ywh87v2yhppx8xks3nggdb7zvh7txbfpnwm7rtb9gmxeqnngc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 422787
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FUeFehg%2BIYusnVN1Yj5wtl%2FffTxwnhSin9cnbZMQPxjg1JiNNDN2yZ5EC%2F7zykqjMXW16U3U5gJ%2F77cIlPvuJqpc4gWsT8r7XXGpcCS0A9LpywL8cJc7p3qp8FLvqVa2VuQwDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7707ddf09d429176-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 22 Nov 2022 06:18:06 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 98FE 3 KB
4 KB 249ms
21ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23455714
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vZACO6oEtiD6tX%2Bl%2Bo95Yz2HHrQquDX1dhJ%2FANgIEraqkIoyXfzNZDFrNfesfeoh1pa8diDs0KyLfvm7GKMJad2QUmZNwB2RyNRo2UjevIt06uQZt%2FRHz70tU9EQnQNq7NhHl3zTM%2FiuqotH5xhj2%2Bl"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7707ddf23dcb9b8c-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5B88 2 KB
1 KB 25ms
25ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2468007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7707ddf23d1592a7-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 03:44:43 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKubiLOn83m0LJULVuxBa1YuHlNKxC13xIcObZebKfQoI5QvQR6faYA%2F9o3NeuV3z%2BQXnzCLgdSxBC3wX5Ujh1fj5dIod5V3n1Dpj%2Fvc6o1qelJ9l8SCEDHET48mYB0mt6s9HN4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 container.html Show response
a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4BC 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:41 GMT
expires: Mon, 27 Nov 2023 03:44:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 629E 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.nitrotech.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:41 GMT
expires: Mon, 27 Nov 2023 03:44:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A4BC 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0LDjK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoEkgJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XodJ5YA8pt3YQABpmKxGHTgjy1j8kS3U8k4VAodD_uAEcUFPyck74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg0NzM3NjMzNDEwNTQ5OTMYquca&sigh=2Wt_o-tXw64&uach_m=[UACH]&cid=CAQSPADq26N9TbeUaQ1eEk4ucm0pXDsvwIiGM43ItGLrs7WQKMGYFb4oIZTgNng4jiRLZ4gZCsJqRfNCBB6MQxgBIBM
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame A4BC 0
0 34ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1heca4cpj9sr2yxknqz7n6bjq49155xjc28c0dmydcvmt7nxg1bwzj56yzy3znq2ktbxq7m3wgzbsz4gcek32bfmnkc6kzsgqf2sva6jqq7xb474wrd3pkr5k0scb49hg1rck5emgqv5k0frjztp5627387g4xw5gzkz400hapkjss4qnp02s66r5qp312qfv7mq4hjqdw4rnbqphm5q61c590685d1qh890tkf77ezweghf4bftgyp91j1ec0dr4nkj4pftc7kwcrhbme6km8nawvkm260es2njmh3v076sq628ew8c0cq3w9vhqpy4bstemj1nh3dt6d8cnvn2y6c0p54n45srt0sy1nhj34zr78cahz8cg2jrse6e7y3t52jra61myc4ztz8&b=Y4LdKwAHcs0Iu_LXAAGJ1qb8VaRGSCSikat4Gg
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 03:44:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 95BD 2 KB
3 KB 24ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hk76x43v1732qqyc5jkfe2qpkza2mppg0tmzp9fa1d9r78spp1rzt5k49xhsfwanc97tryt19cgzpvhakgb05ay04bppv9vzv75c1wzyf3wz0x7gtj0fr9n2hz23p0rsq1p9mj5f6k0b21h8cxna9avfmyzcwn3czfg7b4jg8fhrnr2zwjd7mypx5991b44ngyaw4k1dnnv89n3tfxtbr5gtegkrt32h59bhr2fswfhsspzg26gjdns44n8t4b00vej25bjamvzwezj8atgpryvw8wj9bqe3j46de7yc0j2603rs5fy5stz61khq728c6vc5e5gegtv1nz3kjz4zdk0q7dtxf3s8vbjhzsa0w1fzn6x58xdsb8e46tzgxpwmw0kjxp3d2f2r3mgrh2cr7hc1jtwq40aje6qp8zy5vyvkaa8fsbcysqexhvqyj01drm4ez092c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%26client%3Dca-pub-8473763341054993%26adurl%3D

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9c0e9be8df286a207ba50d9c4f7b09ce4d2a7bcd0b070a8fd081b7e5d5a2b2e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7707ddf26d3892a7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:43 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A4BC 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8CC9 1 KB
644 B 9ms
9ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Sun, 27 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A4BC 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A4BC 24 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Nov 2023 11:28:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4BC 154 KB
47 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 03:44:43 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame EAC3 2 KB
2 KB 24ms
21ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k1rr6gjv92z35p8hkwvtawqpdytgk15qksyzcrnm5sy94ejn05m9197b9md32b0nq3kh6fp12svhr08k1hezgr39wdg0nr63v37b43enwv10jxn4dqpqgyd6btz21vwsr22015z1hnx9z0wcz1z1x4zy37y3tja197z2frc3apx9b7jfjqxtcfgg7xa5qbntbzdzbgmbqw6ebm9fxtaxz8jd9vfhbx4nhcx4761p9xv0wr8q3age95s453qqrw0xtbxgpgskp6v4p797rfb37mq7fjcz0kkx1mh1rd7h3bez078ceysdzyttjyv5ecgmx06wt7mvv9caq620z0khya35532jah7km8v1w5zh55s717xrs2f5fgd8ygnpmaxs46awm744h5zvwrwftq7757dxa8bpqsg24fhrv93vkw063b9pk2g7p2v4gt4h92x5zkg36qdbc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%26client%3Dca-pub-8473763341054993%26adurl%3D

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6a918a3b6edbe96d7095f630260b5ac25367d741ecba2b53697be68354e447f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7707ddf27d4392a7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:43 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 629E 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A866 1 KB
644 B 14ms
11ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Sun, 27 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 629E 18 KB
7 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 629E 0
0 19ms
16ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStPgWOy_9uDEL4RR8mKlsqQ3AnpvbjvvMmfKmrmFog0Bo19RI984ObLdc8ef3e29b1mmfjI8GM6a4U4qkHHPelYjcUZQ
Requested by: Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 629E 24 KB
6 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Nov 2023 11:28:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 629E 154 KB
47 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 03:44:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 629E 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CntZYK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSSAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_3ZF03yoF8t7Lg68H6mKZ69NG5q6G9Ftl9FSFv0qLiAd45aykj-jgBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODQ3Mzc2MzM0MTA1NDk5Mxiq5xo&sigh=AnCPxs3J9U8&uach_m=[UACH]&cid=CAQSPADq26N94siOzJDqsuNef2rqmrPWZN6BGiXKEIIidIgpQkp9tSVwhD8iiP5CnXEjIUtatGvg5E0oYEB96BgBIBM&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 629E 0
0 19ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kq766n1mkn386n9br66t12nvq0rvczf9drefn73vcrmajprekp1y9mj1az6yambzm8rk5ykjkmnf8p608e58cmyhbsh5hefyaj0ec9wp5974ttr9rp6r1ya0d5cc1t319qg4bjsv9rpc60yfb4fzasg5712zb13tygvg1sepmt71ndqqpm89f3jx4tdp7fj9eadzsybd6p9021fcxexkzwhctkve1c4aarqdtby2v2b1b70m6bsdzt4b6eypq102edmfaqb8r9etyd9gxgzyz4xja8xfpx5xjap0ara0bx93taz8knmt4gx3yvzpwy5p8c35dt6ge15np2xv1fmannt7s47g4s004bk8rh88vy101drbkqmm2dkymc6vhh1h8p8a9dnmd4bt9r&b=Y4LdKwAJck8Iu8mLAAQUpdxNelH-yTs4IE0m0Q&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by: Host: mail.nitrotech.info
URL: https://mail.nitrotech.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 03:44:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 95BD 89 KB
11 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hk76x43v1732qqyc5jkfe2qpkza2mppg0tmzp9fa1d9r78spp1rzt5k49xhsfwanc97tryt19cgzpvhakgb05ay04bppv9vzv75c1wzyf3wz0x7gtj0fr9n2hz23p0rsq1p9mj5f6k0b21h8cxna9avfmyzcwn3czfg7b4jg8fhrnr2zwjd7mypx5991b44ngyaw4k1dnnv89n3tfxtbr5gtegkrt32h59bhr2fswfhsspzg26gjdns44n8t4b00vej25bjamvzwezj8atgpryvw8wj9bqe3j46de7yc0j2603rs5fy5stz61khq728c6vc5e5gegtv1nz3kjz4zdk0q7dtxf3s8vbjhzsa0w1fzn6x58xdsb8e46tzgxpwmw0kjxp3d2f2r3mgrh2cr7hc1jtwq40aje6qp8zy5vyvkaa8fsbcysqexhvqyj01drm4ez092c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hk76x43v1732qqyc5jkfe2qpkza2mppg0tmzp9fa1d9r78spp1rzt5k49xhsfwanc97tryt19cgzpvhakgb05ay04bppv9vzv75c1wzyf3wz0x7gtj0fr9n2hz23p0rsq1p9mj5f6k0b21h8cxna9avfmyzcwn3czfg7b4jg8fhrnr2zwjd7mypx5991b44ngyaw4k1dnnv89n3tfxtbr5gtegkrt32h59bhr2fswfhsspzg26gjdns44n8t4b00vej25bjamvzwezj8atgpryvw8wj9bqe3j46de7yc0j2603rs5fy5stz61khq728c6vc5e5gegtv1nz3kjz4zdk0q7dtxf3s8vbjhzsa0w1fzn6x58xdsb8e46tzgxpwmw0kjxp3d2f2r3mgrh2cr7hc1jtwq40aje6qp8zy5vyvkaa8fsbcysqexhvqyj01drm4ez092c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%26client%3Dca-pub-8473763341054993%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 283584
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aESePTMASsaJ7Dtikb1d9k47zp9dauPHwOFE%2BpAkjSgGhFScf5fd%2FRSHABZRFRupS9GIFyQUukyq5kuztyBHl%2B7evUH3lEkixknGjElPCNTbFLZ%2FhV1hSEqMZjPhVFqUjhTfKBfJrhQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7707ddf2ad6c92a7-FRA
expires: Sun, 27 Nov 2022 04:44:43 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 95BD 35 KB
12 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hk76x43v1732qqyc5jkfe2qpkza2mppg0tmzp9fa1d9r78spp1rzt5k49xhsfwanc97tryt19cgzpvhakgb05ay04bppv9vzv75c1wzyf3wz0x7gtj0fr9n2hz23p0rsq1p9mj5f6k0b21h8cxna9avfmyzcwn3czfg7b4jg8fhrnr2zwjd7mypx5991b44ngyaw4k1dnnv89n3tfxtbr5gtegkrt32h59bhr2fswfhsspzg26gjdns44n8t4b00vej25bjamvzwezj8atgpryvw8wj9bqe3j46de7yc0j2603rs5fy5stz61khq728c6vc5e5gegtv1nz3kjz4zdk0q7dtxf3s8vbjhzsa0w1fzn6x58xdsb8e46tzgxpwmw0kjxp3d2f2r3mgrh2cr7hc1jtwq40aje6qp8zy5vyvkaa8fsbcysqexhvqyj01drm4ez092c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 422787
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QNX2Le9%2FEKgX2ESQwX5uG353OMa3MrJOxWPN%2FX%2FC3UfjzWQ%2FUNngaDvLeBpcZ9KHlEApLqEZUWTF%2BPBmhMVJ9SXwwveZNnqTKM0n0VDZCsndFS1DXRhNwUrZTYvUcFWX%2FBVvhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7707ddf2ad6d92a7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 22 Nov 2022 06:18:06 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame EAC3 89 KB
11 KB 31ms
31ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k1rr6gjv92z35p8hkwvtawqpdytgk15qksyzcrnm5sy94ejn05m9197b9md32b0nq3kh6fp12svhr08k1hezgr39wdg0nr63v37b43enwv10jxn4dqpqgyd6btz21vwsr22015z1hnx9z0wcz1z1x4zy37y3tja197z2frc3apx9b7jfjqxtcfgg7xa5qbntbzdzbgmbqw6ebm9fxtaxz8jd9vfhbx4nhcx4761p9xv0wr8q3age95s453qqrw0xtbxgpgskp6v4p797rfb37mq7fjcz0kkx1mh1rd7h3bez078ceysdzyttjyv5ecgmx06wt7mvv9caq620z0khya35532jah7km8v1w5zh55s717xrs2f5fgd8ygnpmaxs46awm744h5zvwrwftq7757dxa8bpqsg24fhrv93vkw063b9pk2g7p2v4gt4h92x5zkg36qdbc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k1rr6gjv92z35p8hkwvtawqpdytgk15qksyzcrnm5sy94ejn05m9197b9md32b0nq3kh6fp12svhr08k1hezgr39wdg0nr63v37b43enwv10jxn4dqpqgyd6btz21vwsr22015z1hnx9z0wcz1z1x4zy37y3tja197z2frc3apx9b7jfjqxtcfgg7xa5qbntbzdzbgmbqw6ebm9fxtaxz8jd9vfhbx4nhcx4761p9xv0wr8q3age95s453qqrw0xtbxgpgskp6v4p797rfb37mq7fjcz0kkx1mh1rd7h3bez078ceysdzyttjyv5ecgmx06wt7mvv9caq620z0khya35532jah7km8v1w5zh55s717xrs2f5fgd8ygnpmaxs46awm744h5zvwrwftq7757dxa8bpqsg24fhrv93vkw063b9pk2g7p2v4gt4h92x5zkg36qdbc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%26client%3Dca-pub-8473763341054993%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 283584
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWz3Pz518YfjXRHG2rwY6YETnVzLEyPVUATRsmIMrM0dZ3O4W0GinXSOjNu%2FLxOM71eFe%2BBSzWxnajQ3sapzwJT2Uzdp8kHOuGe%2FOV0jR%2FWhOzRQ4feVlJrwLFu8xJF%2Boam56vwoplo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7707ddf2bd7a92a7-FRA
expires: Sun, 27 Nov 2022 04:44:43 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame EAC3 35 KB
12 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k1rr6gjv92z35p8hkwvtawqpdytgk15qksyzcrnm5sy94ejn05m9197b9md32b0nq3kh6fp12svhr08k1hezgr39wdg0nr63v37b43enwv10jxn4dqpqgyd6btz21vwsr22015z1hnx9z0wcz1z1x4zy37y3tja197z2frc3apx9b7jfjqxtcfgg7xa5qbntbzdzbgmbqw6ebm9fxtaxz8jd9vfhbx4nhcx4761p9xv0wr8q3age95s453qqrw0xtbxgpgskp6v4p797rfb37mq7fjcz0kkx1mh1rd7h3bez078ceysdzyttjyv5ecgmx06wt7mvv9caq620z0khya35532jah7km8v1w5zh55s717xrs2f5fgd8ygnpmaxs46awm744h5zvwrwftq7757dxa8bpqsg24fhrv93vkw063b9pk2g7p2v4gt4h92x5zkg36qdbc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 422787
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iILWdH%2F4TGi1%2Fe7g8CfboqvyKLWjJm20zVS6UmU%2BBm7hh66y%2BdaxUqZNSF59Intet%2BHRMlrz3YEMOrtJlbtoIYxn4CkHKAJpwJueG6VdeRxscyMtGxB7kvCUcNEk9tX5MUSvao%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7707ddf2bd7d92a7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 22 Nov 2022 06:18:06 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8CC9 70 B
266 B 107ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA1Loa5mR19_BXy2PAie8e0&google_cver=1&google_push=ASkJ3FZSA6nyoFnDkSs8_T-usHodfhWZiAzt4BowIHvrTvdNrrj2BNvnZJhSTwWsrIVGL15fNPyDljEMMmExcaBG1za_42fQQ1L9
Requested by: Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CC9
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOawo1jFoIQumvzUAAxOY9I&google_cver=1&google_push=ASkJ3Fb46CwNQivCHU19nXsie_v9fkV_rjD5NpR0XK9ZL3qNaOv9KD6VI04xJCslgPmijjvRdomXIVw4-gJ_Fl5AIb6YS8K...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOawo1jFoIQumvzUAAxOY9I&google_cver=1&google_push=ASkJ3Fb46CwNQivCHU19nXsie_v9fkV_rjD5NpR0XK9ZL3qNaOv9KD6VI04xJCslgPmijjvRdomXIVw4-gJ_Fl5AIb6YS...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fb46CwNQivCHU19nXsie_v9fkV_rjD5NpR0XK9ZL3qNaOv9KD6VI04xJCslgPmijjvRdomXIVw4-gJ_Fl5AIb6YS8KHcy_j

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fb46CwNQivCHU19nXsie_v9fkV_rjD5NpR0XK9ZL3qNaOv9KD6VI04xJCslgPmijjvRdomXIVw4-gJ_Fl5AIb6YS8KHcy_j

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3Fb46CwNQivCHU19nXsie_v9fkV_rjD5NpR0XK9ZL3qNaOv9KD6VI04xJCslgPmijjvRdomXIVw4-gJ_Fl5AIb6YS8KHcy_j
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CC9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FYuWktyO7CTUjcVpNq33NdsAbiiF2N1s...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FYuWktyO7CTUjcVpNq33NdsAbiiF2N1sgbnvdkh6ks7fVJI77ccGcwDY0qOsHDBWds9jA-lswT-fA3uQkNZvvsEU1UqVNni

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPrRIc28g3Do083aOY7VNbpzCXfnjAKnuvZhbeVDVELdRohSX8XGZWHgIK1vL8vV2P2xvcbXrLOcwS79mJO4zB0FSyhZ4BsmzjWb263x4O2EUrCkgFqxgpGUk5E0mqAjrz%2FZcAeTqMSQ4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FYuWktyO7CTUjcVpNq33NdsAbiiF2N1sgbnvdkh6ks7fVJI77ccGcwDY0qOsHDBWds9jA-lswT-fA3uQkNZvvsEU1UqVNni
cache-control: no-cache
cf-ray: 7707ddf2dbad5c56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CC9
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEHJMyYdHrU-Lj4DliWJEORo&google_cver=1&google_push=ASkJ3FY7QMvKmbewPapxEYMRLeBPVoz62wOUljdKQ-S_W6_0RiSiC5rdITTVpAJXizorbuZsmh2UTk3HzlEvh7hlhtwXk9...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHJMyYdHrU-Lj4DliWJEORo&google_cver=1&google_push=ASkJ3FY7QMvKmbewPapxEYMRLeBPVoz62wOUljdKQ-S_W6_0RiSiC5rdITTVpAJXizorbuZsmh2UTk3HzlEvh7hl...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=70Cr9FXORbedxbRx56W9VA&google_push=ASkJ3FY7QMvKmbewPapxEYMRLeBPVoz62wOUljdKQ-S_W6_0RiSiC5rdITTVpAJXizorbuZsmh2UTk3HzlEvh7h...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=70Cr9FXORbedxbRx56W9VA&google_push=ASkJ3FY7QMvKmbewPapxEYMRLeBPVoz62wOUljdKQ-S_W6_0RiSiC5rdITTVpAJXizorbuZsmh2UTk3HzlEvh7hlhtwXk9ZQmjA8

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=70Cr9FXORbedxbRx56W9VA&google_push=ASkJ3FY7QMvKmbewPapxEYMRLeBPVoz62wOUljdKQ-S_W6_0RiSiC5rdITTVpAJXizorbuZsmh2UTk3HzlEvh7hlhtwXk9ZQmjA8
access-control-allow-origin: *
date: Sun, 27 Nov 2022 03:44:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CC9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FaB02CPCJrxnGkRMNr1G56wnmvgK0q8pt1iclAl93uPkHEiQtrpF9ZKwahv_xWNUo9Z-z8IX2RacffJYBMfBd2rHuI1zVeN&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-10d3684b-96fe-4865-8363-6e807aca9b6b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FaB02CPCJrxnGkRMNr1G...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaB02CPCJrxnGkRMNr1G56wnmvgK0q8pt1iclAl93uPkHEiQtrpF9ZKwahv_xWNUo9Z-z8IX2RacffJYBMfBd2rHuI1zVeN&google_hm=AxDTaEuW_khlg2NugHrKm2s

170 B
188 B

22ms
22ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaB02CPCJrxnGkRMNr1G56wnmvgK0q8pt1iclAl93uPkHEiQtrpF9ZKwahv_xWNUo9Z-z8IX2RacffJYBMfBd2rHuI1zVeN&google_hm=AxDTaEuW_khlg2NugHrKm2s

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FaB02CPCJrxnGkRMNr1G56wnmvgK0q8pt1iclAl93uPkHEiQtrpF9ZKwahv_xWNUo9Z-z8IX2RacffJYBMfBd2rHuI1zVeN&google_hm=AxDTaEuW_khlg2NugHrKm2s
date: Sun, 27 Nov 2022 03:44:44 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX10d3684b96fe486583636e807aca9b6b003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CC9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAdIyUWXHU9zT_MIFMFUytA&google_cver=1&google_push=ASkJ3FZl5zVb4JQ9S9rJ0XOEhGkMIBlxbLFErzpodtlab4fHFAPJvtVCMpK7oAR0snFz3Vn2OT...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAdIyUWXHU9zT_MIFMFUytA&google_cver=1&google_push=ASkJ3FZl5zVb4JQ9S9rJ0XOEhGkMIBlxbLFErzpodtlab4fHFAPJvtVCMpK7oAR0snFz3Vn2OT...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HQkZnZUdaRTJ1SHVrakc0anZVVDBjNXdWZXo2ZGhNTn5B&google_push=ASkJ3FZl5zVb4JQ9S9rJ0XOEhGkMIBlxbLFErzpodtlab4fHFAPJvtVCM...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HQkZnZUdaRTJ1SHVrakc0anZVVDBjNXdWZXo2ZGhNTn5B&google_push=ASkJ3FZl5zVb4JQ9S9rJ0XOEhGkMIBlxbLFErzpodtlab4fHFAPJvtVCMpK7oAR0snFz3Vn2OT2LJtnayW7OQCpzYUxUOXsaP3ja

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HQkZnZUdaRTJ1SHVrakc0anZVVDBjNXdWZXo2ZGhNTn5B&google_push=ASkJ3FZl5zVb4JQ9S9rJ0XOEhGkMIBlxbLFErzpodtlab4fHFAPJvtVCMpK7oAR0snFz3Vn2OT2LJtnayW7OQCpzYUxUOXsaP3ja
date: Sun, 27 Nov 2022 03:44:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 um
cs.emxdgt.com/ Frame 8CC9 0
56 B 48ms
9ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEP9IJKM_aVKUIL1cfyDf9vE&google_cver=1&google_push=ASkJ3FZdMs5akixZ3ZqrNB3FixyFVvk7Ta6bf4tVRWDZeCuVm0qVlKfrxs4kPfhuSkqQLcFvsq8jfeX92nWeSWE7q1idvV0N4Cj8jA
Requested by: Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
content-length: 0
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8CC9 0
12 B 15ms
15ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JD8F7qAIgpQjOoOSsxGlc37qBYpcyKDta_FBG_AkNqYiRCCvVEwT0HtKlRW0oONd7zoYaP3aI

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 629E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4db3694e72a35e329589d8417079df80c1d9b586ef0dfbb9f5f02f072368a05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A866
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTRMZEt3QUxITWMzMlFBVA==&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_cver=1&google_push=ASkJ3FYLOJ9Bw15EIZlXjvRBnp2-ZpmKqu...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTRMZEt3QUxITWMzMlFBVA==&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_cver=1&google_push=ASkJ3FYLOJ9Bw15EIZlXjvRBnp2-ZpmKqu2xmAy3dgOwf-jW3i356RqjfkRnuk7Ok09imCTJ4LNrBZ4542eboKNx024-tAkc2DY

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn4037-HHN
pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669520684.971714,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTRMZEt3QUxITWMzMlFBVA==&google_gid=CAESEE0fslR_R1jycHCHzQARmcY&google_cver=1&google_push=ASkJ3FYLOJ9Bw15EIZlXjvRBnp2-ZpmKqu2xmAy3dgOwf-jW3i356RqjfkRnuk7Ok09imCTJ4LNrBZ4542eboKNx024-tAkc2DY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A866
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvLFMU7KG2_yRbTxl9gsSk&google_cver=1&google_push=ASkJ3FZSMDeejI3LnZRkoukjdtvnMVcO36OW04oBnhiLfTsknSwXBmJnumTKXeGSYnyMnpLOLZG5L6WOHr-Oz0kzQQqK...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=803764de-1c9c-4cbe-b9e8-7289b787b109&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZSMDeejI3LnZRkoukjdtvnMVcO36OW04oBnhiLfTsknSwXBmJnumTKXeGSYnyMnpLOLZG5L6WOHr-Oz0kzQQqKmOKNXg&google_hm=tJ5iRnVdTsavYQH1A8YElA==

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZSMDeejI3LnZRkoukjdtvnMVcO36OW04oBnhiLfTsknSwXBmJnumTKXeGSYnyMnpLOLZG5L6WOHr-Oz0kzQQqKmOKNXg&google_hm=tJ5iRnVdTsavYQH1A8YElA==

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZSMDeejI3LnZRkoukjdtvnMVcO36OW04oBnhiLfTsknSwXBmJnumTKXeGSYnyMnpLOLZG5L6WOHr-Oz0kzQQqKmOKNXg&google_hm=tJ5iRnVdTsavYQH1A8YElA==
date: Sun, 27 Nov 2022 03:44:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A866
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FYPxJ6dm2s-2phSsNC7-JDplZt75FnlC...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FYPxJ6dm2s-2phSsNC7-JDplZt75FnlCCL2_Z6Py7XF2fiz6DrUov-BtN5Rp-i0an5zLlp4v0hTng0ds4u8WeXEaIXL0ow

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfD4mm9KgkbA%2B9l21sGjwAuclUpwYngeez15Fmp0prBkdtwGciBsiiW2jKgi%2FsSBp93ENO%2BMUwOmRNQDZ%2FehJkNoroQsA5m%2FHtsiZUu2SWrSAzFn2YbtNDGBqxbymEyl2DUxA4z023Expw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDyYl-al7krOVtSzlZ_HaRQ&google_hm=Y4LdKaqhx5T4mb9vCLk-8wAACFkAAAIB&google_nid=index&google_push=ASkJ3FYPxJ6dm2s-2phSsNC7-JDplZt75FnlCCL2_Z6Py7XF2fiz6DrUov-BtN5Rp-i0an5zLlp4v0hTng0ds4u8WeXEaIXL0ow
cache-control: no-cache
cf-ray: 7707ddf2dbaf5c56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET us
sync.go.sonobi.com/ Frame A866 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A866
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECwIChAqXSrx9cZYp9bU8zI&google_cver=1&google_push=ASkJ3Fb9rk8AdTQq8ZiOlCXol5eSCGLInm_XNqny6VitZwjYZwjo4O_rbHYGgVt4YndpYYazxhxajwtternL...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fb9rk8AdTQq8ZiOlCXol5eSCGLInm_XNqny6VitZwjYZwjo4O_rbHYGgVt4YndpYYazxhxajwtternLpZ5IY44Ed2lVoA

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fb9rk8AdTQq8ZiOlCXol5eSCGLInm_XNqny6VitZwjYZwjo4O_rbHYGgVt4YndpYYazxhxajwtternLpZ5IY44Ed2lVoA

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fb9rk8AdTQq8ZiOlCXol5eSCGLInm_XNqny6VitZwjYZwjo4O_rbHYGgVt4YndpYYazxhxajwtternLpZ5IY44Ed2lVoA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame A866
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGYYwwXQmNxEBNsDR0-pXdc&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZGNDNerML4cDG6JK3-a-K43LBeo57duIVAMlZjaR00HRpd_GkV9iltH7EOK25a8wtGERgd0fkvcQp8GaY9jeInpoK_754
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
174 B

33ms
33ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Sun, 27 Nov 2022 03:44:44 GMT
pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A866
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDbYA-vgh...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b49e6246-755d-4ec6-af61-01f503c60494&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b49e6246-755d-4ec6-af61-01f503c60494&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b49e6246-755d-4ec6-af61-01f503c60494&%%GOOGLE_PUSH_PAIR%%
date: Sun, 27 Nov 2022 03:44:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A866 0
12 B 19ms
18ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmJZnYvGlY4Em9WuDC456jZm6GMAnY8TNMcLY0AiTdE-KP8wqXM6wO1ubwQJp88qss9xR-TrE

Requested by

Host: a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
URL: https://a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame A4BC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb71dabb4230568da5c514b5a6772e61babd3bba54dc46f8dfd3d878a65c0087

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 rs Show response
ad4m.at/ Frame 98FE 2 KB
2 KB 34ms
33ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07bed1deb5dbe3b0786d89358a450bbe0cfea88eef7c2354049da09e8fff08f9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQiGrDmv5%2Fog%2FCyFVn9DB%2B%2FTV4zj4Dk1JdcjFbuJmp4OlKx%2Fo7MBUlCgtq8aNiuGblXPIwpd%2BNGeJ%2B3rQ6qMmhMUvbOaMaXNK4%2Fx1j4G4W2ob2gS9hQUEU5S24e%2Bu2MuxAW7liM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7707ddf36edebc03-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 43ms
28ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7707ddf33eb4bc03-FRA
content-length: 24
content-type: text/plain
date: Sun, 27 Nov 2022 03:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Wo0L5bvPQE7%2BPWVhcatIyECs078YKX829nDC50gmeiplR8yedSExwRRlLmNjBu1CouI3nAw%2Ft7YTOV1ZVB3BacetDUXjHerSkSL9CCXKxrQIL%2FsheHz%2F1GNrdy%2FD4I3KojAwZU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 95BD 3 KB
4 KB 33ms
20ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26417180
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVa9gY5GNBBKhuajS9%2BlhS94ImYHCrH2dBwypy1Jwz9IfWR63pIr9T%2BREUXlxRMBQwv3sJTzSw2vHXcI05hBOnofgKvzXDzVmXYimWBDzahD7DBc8W9Yx38Gz3u8cl%2BkUd27Wlz%2BusZA4vG%2Bl%2FU4g63C"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7707ddf34b229290-FRA
expires: Wed, 25 Jan 2023 09:38:24 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame EAC3 3 KB
4 KB 30ms
17ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26417180
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uY6Vzy2Hlb7%2FXiDe4%2FxkLCTIG2HXYj7UYTOtv63u0BxYzzJt56Ccb8kxkmnSfFmLgiSMoaoULZAkIZgtbRjXx2xHP9ItvK2%2FpOop2nrwUqPYoJfGAjqaT6LT21gHVh4yj400KPATB3g8rVZbrR%2BT8Npb"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7707ddf34b249290-FRA
expires: Wed, 25 Jan 2023 09:38:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 7445 2 KB
1 KB 20ms
19ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2468008
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7707ddf33dea92a7-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 03:44:44 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUN90eZCh3Pp%2FivoMe8hXtBoqDkt7druMZattrMfk2Jih3VVicWChkv1pJYSCSscyI%2FtYtxl2rdUdydMd4MHkqNb38vAnHGZe5OS2XJ50S5coYRgzA2c7wSoxE62%2FVwN2i5RLbU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 3D8E 2 KB
1 KB 21ms
18ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2468008
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7707ddf33deb92a7-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 03:44:44 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1MnH6CxU8aNTi39WM6dLdc9IppcMpbK3MhIBBFCqhKbmHVffGr6s76TZPOwvSeBgbzMYxbWUQj9pUDd9s8swLKnmjE19J5wbutDsFJ8twjZbkuJejNgbLGrlwIoRCZc2et9bbE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 95BD 2 KB
2 KB 30ms
29ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f323501ea2d6719700c5b19f0d687ff59e8cb63afc97a48429a8c0b6c793096e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbLLHJE%2BokD%2Fu5BTzqVhP6PdvLaRsgWvEi1BgmZVlxz%2BuHr6JIrrBxxFdxHs5%2BhVwFH8Yd0Te0XQj3TfBqgabZnrL%2BfTPycktOZH20RlCWaXZ3QqjRAT8yUxIfFUy7r0klUuqSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7707ddf39f19bc03-FRA
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame EAC3 2 KB
2 KB 35ms
34ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eec90ed1ea0331deea01748bad6a0392b544e8fef3b3d65e9ec0423af27bee9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8cK0I7xmDv64HCzGrRJJ%2BZPWLtbVxpVZrofCj6ku%2Blf%2BTpIZtnXADfPt8HW2HABnHrtwou%2BvxqpYt4bT2zs%2BERB%2FEZNKPArcypBmu1brH8YH1wdqn4uwxPuydB9IQHuF0iBYh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7707ddf39f13bc03-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 30ms
30ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7707ddf36eeabc03-FRA
content-length: 24
content-type: text/plain
date: Sun, 27 Nov 2022 03:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FwouJTNrVjPpE0f0%2B4fR%2BD1fVCcYQ6KGQmpsQPrzrJLvhdAg0eUGWIIhYF8c6khGvuMqQwxmd%2FT2MONVP0yOlbRnRKU0tvzGw0HebWGTxTSluCc%2B9GJ7mkVsOB5ZDeaVVjkbVw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 27ms
27ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7707ddf36eebbc03-FRA
content-length: 24
content-type: text/plain
date: Sun, 27 Nov 2022 03:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGE0Sp1cogNgIlcwjlVA8WgEKipVKnukauFPNVKwWhkhh9W0FWhrTyc8CFNqOVzgHeqKwUKtd46JTrMwCWoDslaCyVFMgYTO5kZ1OlGzWVfviYG6cn76Skk13i4dbo6tE5Rabg8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 90D4 11 KB
5 KB 22ms
22ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd6f6984740ada40a715c0e48cac2894a2b3e1fcd2eb0def36027505c18ebf2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gdwvr8djap733x4bfnxs23q5dc87c3zbds5s4cbf31xcya6x6macjjrmkg7jk6nhbnr0panptzv9dxnc0nsdrrh29d4jrzzn2ncjkwvce6jx8sg24eznpv5z5rde1bpbk40bqd0znbsxh877w588xd9rq3cep0p5ephn2jk9j7wycb9r5r3rze518g4d85n700n9mverjxen021t8xy2he76g8naf4b8z070gfznp2rnnympeqbmrdhv47tt4t4qmmf8cvm81ckjy792p0dzqhdb8rdqa0fn2635kjpskvmzya9gxqymgddwq63467hcqp2861zbyf90ad8fxk833sasrp6wzjazd1wzkrwddt89f540npkqx5564vr37442pb44v3jx8cmkydmgn8br24k7ywh87v2yhppx8xks3nggdb7zvh7txbfpnwm7rtb9gmxeqnngc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%26client%3Dca-pub-8473763341054993%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7707ddf39e3892a7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:44 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 90D4 89 KB
11 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 283585
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Img%2FdSxlm8K1HhdNmfP%2FxJvMBtdCqTDmocEPHXYZoAPn9fPeW6AAXog%2F79HyhzVTcyjF6j9DL639LWTqJwIGD70wm4Nf8MKVluKspsiAibsZ9xosaTkL2tyBnXIqRor3l5zWxF%2FxM1I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7707ddf3ce6492a7-FRA
expires: Sun, 27 Nov 2022 04:44:44 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 90D4 8 KB
9 KB 36ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2513017
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1nXEvOPRR1ZjoG73I7g5H1WUk8fo9zC7KW7nB8M3Lx%2BgskLrQjOPP4OiOPPjU2mRFmBbcfgz5TJiN7QTOFNW5jSv9u6s%2Bccnyu9El%2F60NDBEpwdN0prEyhFH23aEW9u52WYOeQABTbmJP37"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf3da049176-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 90D4 93 KB
94 KB 32ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193429
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbVFaTyhK3Fhs%2BlKRo55WxLMGQidwV9wdSFaDMnxANHus8TH2d%2B0x5jYRy2bCL0DIlFSQVrlgPxCD7MZO0xlSGpYbT8co%2FCT0E8v8Gb8KfRNj%2BDBLLLJwk53C%2F2faPbQOTTQoeL1L%2F7Pni2R"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf3d9fe9176-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 90D4
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMX1ypq5zfsCFQzcEQgdIe8JWQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669520684_d4c908b0-6e05-11ed-9792-223985e9a9b7

0
517 B

51ms
13ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669520684_d4c908b0-6e05-11ed-9792-223985e9a9b7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:43 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 27 Nov 2022 03:44:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669520684_d4c908b0-6e05-11ed-9792-223985e9a9b7
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 90D4 5 KB
5 KB 31ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1893430
cf-polished: origFmt=png, origSize=17428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4642
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 09:58:13 GMT
server: cloudflare
etag: "aa8fff6f6c7d296f039d5bcda00d5257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qm709F0hsX3Qp6ntaHjIDvQZJ8aoDz6VlqZAyuRo4OSIasF9CKrcBi%2BqNoB6BjlI4atpbT%2Fa3GB9ZdGMGvT2f4ZRyMBjE7o8DgQKuwx27OPrwD4%2B0UGAZjNaDdab201O54y3%2Bcraymig1fep"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf3d9fd9176-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H2 200 B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame 90D4 418 KB
419 KB 39ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2112312
cf-polished: origFmt=png, origSize=725824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 428526
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Mar 2022 16:06:29 GMT
server: cloudflare
etag: "4bc7b5f2b8f57f9439aaac8fcacf7e77"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rL9YgpEGKD84H0aIs4D89qZP1OuiICAEv%2FzyVgaogPBCWFMTduXRejHShqxZ%2BeNMmFGtSSrKBAZZ54ohkQI%2FjrM1uIvqYFbf54LLAonq8eJhWM3aGjaCaCsttJpSgba6rWqQnSbt3qqFzKS8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf3da029176-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H2 200 C7D0A57663935ACB204E1E49CF05A9DB79A0F26538557A782BFD3796AF7504BDFC9FEADE507DA8021F6F4910729600339BBE3355A388F5714828A2ED0B9C4AF0
assets.ad4m.at/logo/ Frame 90D4 13 KB
13 KB 33ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C7D0A57663935ACB204E1E49CF05A9DB79A0F26538557A782BFD3796AF7504BDFC9FEADE507DA8021F6F4910729600339BBE3355A388F5714828A2ED0B9C4AF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ca7fcb5b1f41918188022035ce72f844b299b7ffd064c4c9e3c9e596569743

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194609
cf-polished: qual=85, origFmt=jpeg, origSize=38332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12866
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:12:43 GMT
server: cloudflare
etag: "24026408b8f2c4498a233cbbb8507821"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptMTY%2BNStedpiPW57sD20dv8iheA7jsHXjAaMPt9Kb6W%2BhxD5Zx1TSeExbbQPTpfSpqTd9hrUG3lyuV%2BnBwz2Z3mi1w2NVB31Trry0njSmdb2UKvqhqWTwg4aNwlko9ZOEWCUqZEtkykpGqw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf3da019176-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H2 200 3422B222C63ABA094DD878458B492EAD2702A34D0B4A94DF1894C046A5911BD4297CCD5C5898FD53F62E079B8D1B73737960C5F7DF3FDB5DDEE88068F96E72B0
assets.ad4m.at/product_image/ Frame 90D4 70 KB
71 KB 23ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3422B222C63ABA094DD878458B492EAD2702A34D0B4A94DF1894C046A5911BD4297CCD5C5898FD53F62E079B8D1B73737960C5F7DF3FDB5DDEE88068F96E72B0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a7a1458058fc8e9a0b596590b7f7eb8a5c3b66280c1b626dc0678fe8f69013

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1424851
cf-polished: origFmt=png, origSize=123808
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71926
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 17:02:56 GMT
server: cloudflare
etag: "541023891e1b079af000e6373725dbc7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i1Qc9RdLi%2F64ypJJl%2BJw98HwjSNqN4ntuMps7NrQjw2Bh34UmatCxv1RvENTfAwDEcDyNPBWv3wVe35G70JVxo5nq1LJhWTBrCuc6ZMqdEZ4GgSg4rNRj8DiIuI1KNaQUkc2Bi%2FPIzL21sC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf3d9ff9176-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 90D4 43 B
702 B 65ms
38ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2941308&v=13686&q=411418&r=412871&pv=1&pref3=oneidYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6qoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2280 11 KB
5 KB 23ms
22ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6330321635589af9fecb5ca63ff0423180e373c8a6f1bf55ac89862128623b4f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hk76x43v1732qqyc5jkfe2qpkza2mppg0tmzp9fa1d9r78spp1rzt5k49xhsfwanc97tryt19cgzpvhakgb05ay04bppv9vzv75c1wzyf3wz0x7gtj0fr9n2hz23p0rsq1p9mj5f6k0b21h8cxna9avfmyzcwn3czfg7b4jg8fhrnr2zwjd7mypx5991b44ngyaw4k1dnnv89n3tfxtbr5gtegkrt32h59bhr2fswfhsspzg26gjdns44n8t4b00vej25bjamvzwezj8atgpryvw8wj9bqe3j46de7yc0j2603rs5fy5stz61khq728c6vc5e5gegtv1nz3kjz4zdk0q7dtxf3s8vbjhzsa0w1fzn6x58xdsb8e46tzgxpwmw0kjxp3d2f2r3mgrh2cr7hc1jtwq40aje6qp8zy5vyvkaa8fsbcysqexhvqyj01drm4ez092c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%26client%3Dca-pub-8473763341054993%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7707ddf3de6892a7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:44 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0B92 9 KB
4 KB 25ms
25ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b040974102721f50a1f3dd85b221eb411917e5cbdcbe04bb254df03465f49acd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k1rr6gjv92z35p8hkwvtawqpdytgk15qksyzcrnm5sy94ejn05m9197b9md32b0nq3kh6fp12svhr08k1hezgr39wdg0nr63v37b43enwv10jxn4dqpqgyd6btz21vwsr22015z1hnx9z0wcz1z1x4zy37y3tja197z2frc3apx9b7jfjqxtcfgg7xa5qbntbzdzbgmbqw6ebm9fxtaxz8jd9vfhbx4nhcx4761p9xv0wr8q3age95s453qqrw0xtbxgpgskp6v4p797rfb37mq7fjcz0kkx1mh1rd7h3bez078ceysdzyttjyv5ecgmx06wt7mvv9caq620z0khya35532jah7km8v1w5zh55s717xrs2f5fgd8ygnpmaxs46awm744h5zvwrwftq7757dxa8bpqsg24fhrv93vkw063b9pk2g7p2v4gt4h92x5zkg36qdbc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%26client%3Dca-pub-8473763341054993%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7707ddf3de6992a7-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 03:44:44 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 link.html Show response
track.webgains.com/ Frame 90D4 2 KB
2 KB 150ms
95ms Script
text/html 18.133.50.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g9d102f24tzm7ygf25hravwrccvh6nbem3m5v5c46hk2shqw7x9gggz3cc8t98bwgmj6xzeg1p8d4cpzh3q2hsb7639kgbktk70e8k3zyzttagm4gky5kx5pzcmkb5eer5cmeqewm3p1vn5ft76gkzbr9qr48cb7j0qfactqbm8qe6brjhza0nvx7a9ms5mvaggf7zzveh60g5wesvzf672ha0gcm03dwxj0hbjkjc184cw9c5jz3vq9k76n3cwr3j5c%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%252526client%25253Dca-pub-8473763341054993%252526adurl%25253D&clickref=oneidjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5woneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7oneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-50-153.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 54efafedd29e2c4c6d99f4d786fc61080a00c0331c60ed9a55f2a26665a08793

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
last-modified: Sun, 27 Nov 2022 03:44:44 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 27 Nov 2022 03:45:44 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame 18BA 44 B
943 B 44ms
18ms Document
image/gif 94.130.160.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.160.12 Karlsruhe, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.160.130.94.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Sun, 27 Nov 2022 03:44:44 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 2280 89 KB
11 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 283585
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyCib3jEhOuXhBkv5LjvXoKDs%2FXp3SfIbjRmnXmK0kTKWPRXW%2FdmKQnw0Nb5IIorPLwVDsBZknTJBO1gcRUZAsJrL0WQPCzOOuzgIBLQxSwkDZs4C8wkzv8Ukse0alcFt01hUOrrY%2BE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7707ddf40e8692a7-FRA
expires: Sun, 27 Nov 2022 04:44:44 GMT

GET
H3 200 B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 2280 26 KB
26 KB 73ms
71ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2536212
cf-polished: origFmt=png, origSize=53992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26236
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jun 2022 14:47:26 GMT
server: cloudflare
etag: "e460905652d65e6a54a57da046f52d6c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFU5gv8swYi4CmMv30tglZlwP3ToihSGLw5KfkYhdPEhZPuOgQt%2BmdUm8PlB8HTpi6p1Zj848zJzb1GRoVTrlhowVVZ%2BO7CzKtEOR707%2Bs%2BVDm3A%2FpCFQ42npuqaiMyX3l7QKrZOPXfs1hJU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf40e8792a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 2280 54 KB
55 KB 30ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193435
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTpeAIhw65lyZcJGx8H8%2ForpWsnsHW%2FFRUwtvkQVpIBwFvdOksK36JT0nhgVZX2n8sy7LFLpNkOKaVY4jcy4Us4%2B%2BSDorNmFl%2F2N2xydsbZLBJgQKMStDkXokali7tk1lqU0lvUXGIBHV4Gu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42e9e92a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H3 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 2280 16 KB
16 KB 54ms
52ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193439
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdbkcW13WQZAnZ7I5Zpx%2BV8HYJPX85wYRlHOyl8rD%2FoXQRindynwl9IGmUlD9Mac2M7lgadXNXuHmFNcsx05WGARbowHTVWOxnuX%2BfpvFq8OfMV4gE7x%2FsDAyoc22sKAN00O1e%2FC%2BNAw5Aty"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42e9f92a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H3 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 2280 222 KB
222 KB 55ms
53ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6419
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpFJfKUx6btr7w3wQj954Kt1FXlAXK1aqVexkK1PrOM5OVZDGuovu6v%2BAhSyqpc5tU2eUdP4nv%2FULeeqvzPt9nsAFrjPLXKyvRVMdKCr3vvipDpvyUoCsCo6e266rtml%2BJ%2B1zaz9zKEUD5np"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42ea092a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 2280
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAzoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1669520684_d4c86c70-6e05-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

0
640 B

70ms
42ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1669520684_d4c86c70-6e05-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
via: 1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 656449526
cache-control: no-cache
cf-ray: 7707ddf4abdc92b7-FRA
expires: -1

Redirect headers

Date: Sun, 27 Nov 2022 03:44:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1669520684_d4c86c70-6e05-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 760645355E07060CA538299F884E0A2A91F92CFBD8C0E56DDB435F11DDD9EDAE42AE2F99C5EC63AF4AAED270F8D711032D82DE00A348F847A882BE0F5B46491D
assets.ad4m.at/logo/ Frame 2280 6 KB
7 KB 61ms
59ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/760645355E07060CA538299F884E0A2A91F92CFBD8C0E56DDB435F11DDD9EDAE42AE2F99C5EC63AF4AAED270F8D711032D82DE00A348F847A882BE0F5B46491D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c86e663a298943295c894374a60c759df230954d3cd7725a4d627bea9cf5139

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307008
cf-polished: origFmt=png, origSize=17984
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6632
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Jun 2022 13:54:25 GMT
server: cloudflare
etag: "a6a905cc2632558f125422a8ad357f2e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnOG%2Bs05khrHJBUN8UfWhLgayQWucC4GlcrOpv%2BoSyJ8Ag48iZGdHjzdgn%2FchZp6feVt6M%2BxxL9Ua0XQBSbCV91ED7pZLP9sCCVUZbMBgE0SeEIGuJNI5YPv4NkYegDFlbkZs6lApFTyj44z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42ea192a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H3 200 5D93A1E2AA38AA8343EB5A645B6FDDD69F09A437FAA7A53A1216F0ADFF6455E9693621E0CFFB18878C72CE6231877D9F7A2764D2A98781DEA8AB525EA1CD946F
assets.ad4m.at/product_image/ Frame 2280 220 KB
220 KB 62ms
61ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/5D93A1E2AA38AA8343EB5A645B6FDDD69F09A437FAA7A53A1216F0ADFF6455E9693621E0CFFB18878C72CE6231877D9F7A2764D2A98781DEA8AB525EA1CD946F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25754d0039d747a2e7436638a0500088131f0b4ae044c20478109bfdbfd9f205

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 227336
cf-polished: origFmt=png, origSize=491269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 224826
cf-bgj: imgq:85,h2pri
last-modified: Mon, 08 Jun 2020 09:08:08 GMT
server: cloudflare
etag: "aaafbea31caf71cc79e6496935a9bc12"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjxdtH1OQuJ%2FvYE5YaP6SLWDD8gEh2qGUaLhS3hFXL4d48qjxjP62zEGPOshcd94llvr0agt%2BTtsCv6nQqSBsQyMcmgMf8evj3w1ZxC5qY04dLVeIlQ6e9W66sYmqEzmRNgVVT5RWqj1VNiT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42ea292a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2280 43 B
705 B 56ms
36ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2428904&v=15053&q=367482&r=414235&pv=1&pref3=oneiddE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 0B92 89 KB
11 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 283585
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trV9N%2FjaqFfEM0dDzXojVMXdVw%2Fo4gmEd4uxyjt05zKX%2FSSRL01PqX47WqQidmOify6SILgjeSX%2BquZeqNmu1aRkMfyH093FJszphSvhJquUVqVyNgU2DyNwoax6avS8YjHMKxqkQWA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7707ddf42e9992a7-FRA
expires: Sun, 27 Nov 2022 04:44:44 GMT

GET
H3 200 495D0ACC775FEB88200C6562B8700F7A74A422B19A9DCED16DA49818F89FF7B138331EEDA892E00070DEEFE9EE63179D0D8B4A46F72A49CC4B31243923CB8071
assets.ad4m.at/logo/ Frame 0B92 12 KB
12 KB 37ms
36ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/495D0ACC775FEB88200C6562B8700F7A74A422B19A9DCED16DA49818F89FF7B138331EEDA892E00070DEEFE9EE63179D0D8B4A46F72A49CC4B31243923CB8071
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2562f6e3b772a132b9a8970e7e71d35ab03155e50a3cfe804e77acb545803e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 198480
cf-polished: origFmt=png, origSize=31276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12116
cf-bgj: imgq:85,h2pri
last-modified: Wed, 03 Aug 2022 09:57:11 GMT
server: cloudflare
etag: "04078a26d2b2f14681e62d1632e231e0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUXEaa5%2FfwpR4dx9iKabVoYePh%2FU8wjAjTq9F8zv9wexaNCgySXQ9EOTqM92RG8qvu3j7dm70mtw%2BZnHbGWcgKhA91MkRvaBWUPTKjjpu01E9UhypBs4L45MJka%2ByDH4qZOgsYguYZ%2Bxcsa%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42e9c92a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H3 200 9CE38863AE8A64107749CCEDD5A5256B415C9918F6649F7E3362840F8500C7E51128241FDDF061795D19456074C6F0F1764646FF915E87745468D14E4DEF0CF3
assets.ad4m.at/product_image/ Frame 0B92 388 KB
389 KB 63ms
61ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9CE38863AE8A64107749CCEDD5A5256B415C9918F6649F7E3362840F8500C7E51128241FDDF061795D19456074C6F0F1764646FF915E87745468D14E4DEF0CF3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5972928c53de13c10520ed854a2952547490fe5fcb2890fd076aae35e2a0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362196
cf-polished: origFmt=png, origSize=662069
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 397436
cf-bgj: imgq:85,h2pri
last-modified: Tue, 22 Nov 2022 16:12:24 GMT
server: cloudflare
etag: "d4486a929699254a6d8f01b74fbb9f64"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe5WK87iQXUv%2F7dHj8Z4WjChJqu4rw6fN7WOZZ7VfSgGgJYmXcpYZGkyPY2FjJRPHQYN2uSSSiNAIEQlUVUFtZPEZn3Fle9xIFc6IbFPWBSz5Z1HJWUxvNotF83OizAPpbB79J%2BqLRo23lFB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42ea392a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0B92 43 B
703 B 57ms
39ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3271483&v=14968&q=420029&r=412863&pv=1&pref3=oneidQxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 FD5F24A2D31F8DF379AC66382D10C95BCB2B6DBDAB1DA6A8C928B4E2932EB8E5F816C97A7A7B662747A82FA3B32C5D2169F78EB90A71DB8E4B05718BDD554064
assets.ad4m.at/logo/ Frame 0B92 9 KB
9 KB 35ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FD5F24A2D31F8DF379AC66382D10C95BCB2B6DBDAB1DA6A8C928B4E2932EB8E5F816C97A7A7B662747A82FA3B32C5D2169F78EB90A71DB8E4B05718BDD554064
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71936b6180cc569176357d7dccd28a3be85e563e38fddf8d3ea2acffe2a31eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1424059
cf-polished: origFmt=png, origSize=22627
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9062
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 14:45:36 GMT
server: cloudflare
etag: "6644e110754fc27211d36ba4ea76ef36"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LI1XFQdz2esn7Xqgr3OiCQk5vucNEQmEpifVm6ZOreGECfBSV2d1Z8wfD9%2FvdHq%2Bc6N4l4GzSmFbKyMlZ6j%2BqmV4j698KdxJmCBfLxO79YF9Vo741jUW11LV%2BnCr%2B5n2r4H4ZDt3p6dELRdA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42ea492a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H3 200 EF95B0CB3B17EEDBBBA0A4E12D979F824F74172FDAC00ECB0EA7114EF0814C5A1DD7565DF59196794EFE05075CA3DF35C3A78B4C6B4852E6E36A1501DEECF4F1
assets.ad4m.at/product_image/ Frame 0B92 390 KB
390 KB 35ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EF95B0CB3B17EEDBBBA0A4E12D979F824F74172FDAC00ECB0EA7114EF0814C5A1DD7565DF59196794EFE05075CA3DF35C3A78B4C6B4852E6E36A1501DEECF4F1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e47e9aa6fcdaed6145226af22014bd02e5d7cd15597e82cbb8028387fedf05bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1336083
cf-polished: origFmt=png, origSize=594471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 398992
cf-bgj: imgq:85,h2pri
last-modified: Thu, 10 Nov 2022 17:27:43 GMT
server: cloudflare
etag: "3f68b52c83b63d1e1f1255a960de45fd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77vwQ60KYvzyrhTA%2BaL%2FBjjI12rFjls2S8wcy1NmmffkFT47C%2B9ilBd7pG%2BdmX8weaPK9bjqriSSmiAA3AVIygkvDAqMj9kTf4rJ1lnn%2FTDzFw0BBvTT2g%2FVXdIQx7zhXiIRZuzS0PdQTLIy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42ea592a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H3

200

B22944204.250994090;dc_pre=CJ2a0Zq5zfsCFY-K_QcdFvUNbg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/ Frame 0B92
Redirect Chain

https://www.awin1.com/cshow.php?s=2389702&v=11953&q=363641&r=412871&pv=1&pref3=oneiddE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmMoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CJ2a0Zq5zfsCFY-K_QcdFvUNbg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_...

42 B
63 B

29ms
29ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CJ2a0Zq5zfsCFY-K_QcdFvUNbg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 03:44:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CJ2a0Zq5zfsCFY-K_QcdFvUNbg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 E6803EBAFEFFBCD3D5AE96B3A7483C7AE1E3DDDA9153AAD32EB89BF7A15B788C21C1CCB82C1D7D8C4632D5C1A92F16DA7C56C0D7C5591CF4F812A8FE8BE2B33D
assets.ad4m.at/logo/ Frame 0B92 21 KB
22 KB 70ms
68ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E6803EBAFEFFBCD3D5AE96B3A7483C7AE1E3DDDA9153AAD32EB89BF7A15B788C21C1CCB82C1D7D8C4632D5C1A92F16DA7C56C0D7C5591CF4F812A8FE8BE2B33D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b221acf2dddd384ad27c2de8f84d51da5d13444287955066cfa0ac289d3ee635

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1417177
cf-polished: origFmt=png, origSize=26283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21576
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 06:29:13 GMT
server: cloudflare
etag: "afd0022a57a9b7da9cd0eb77575bd7e0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJGqs0UiaKkFu3kY716sa2yHZeADDKCSI%2FhaITqNmkJ6TZ40PN5%2Bn73q9VjERVNXw%2FiG4uYbJt218aUicSxyImdhCffCLvSuOJxVrT6ZMAZsyZotBW3WURSNpuI1WU8XmpEXzgYu2RUmYPJp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42ea692a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H3 200 53A8BCBB1A2083001DED44BED50B057DCDDDB9DAAA395E7216DDDD220D690290381C1C521E98E8C65E2606E5BADAE41E1292EB729E3A5C9BFBAB2446B64BDEE7
assets.ad4m.at/product_image/ Frame 0B92 121 KB
122 KB 70ms
68ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/53A8BCBB1A2083001DED44BED50B057DCDDDB9DAAA395E7216DDDD220D690290381C1C521E98E8C65E2606E5BADAE41E1292EB729E3A5C9BFBAB2446B64BDEE7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=322591%2C11184%2C322055&b=QxWH4fjfQGjbSxH5HYtGtbpXBf6S4TGD4HEzJ5%2CdE7HEfkfg1xCEHjHwtEtbVkceS4T59ATgVmM%2CGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeB&f=2bVC6fqf9PwbSVHWHktwC2AbrfxS7Tg38U5kJz%2CK1mCRfZf4Vwu5HMHktzCB6VF7SAT84Jtp2Qx%2CVx4HwfmfB8JBuVHbHAtXC6x6UBSzTgbrUDJdX&c=300&d=250&e=&g=f698c1b661310a9db370eabb61a8bff7%2F13405902739329079558&i=82998%2C20374%2C28900&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684117&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka0amxfx2hhyn4vhmvznhh2svvey2nv7mejchdw3w48xehng6fpb0yvbxnvj2m4sy5bdzb033aemwy3jjexwk75mjcr6xtd7f02tfa0rfvsw4jekvt0ratbsmn92tn5m7xfc8qb4ykb0hbm5tk233j23qes8zdxw40jd0ycwr0g023wsb1htadrxe1j31g2032djn1s475zxdq819xc71e9cv7kgsfmmwwr78cmse2pkfdjf90mfxrree8h2b7zvrq4h2vdwexxnxa0fm1hhq2s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3jhVK92CY8_kJYuT7_UPpamQWJDhgYRctqjCivACwI23ARABIABglYKJgpgHggEXY2EtcHViLTg0NzM3NjMzNDEwNTQ5OTPIAQmpAv1d4nqfcLE-4AIAqAMBqgSVAk_Q2XlP6-VLcc3uM2ayS2G0IGlSZ7GFdDfez0eOb6NwxY5cSFY1VTPj4r2VOBucwGqUi6SFeCcGe6po6RSgRMHv7sDIYzHDcABfh4SkAx38yxSWELRM7id8R51unK8jKipk2I4xgeSzHQq8keIPLpHRi7jZQGerWr6Ommr0kePZr6YrOWN2KFNOJMgvHz8XKdeJdMb371akV_i44neGgr6l1PcCEarUOzIFKFoUTyeb8Uy-DdnZUKMO7MnhFBSlOCeUxB-vZMylrW06H3SBRPOy3rk9hnB3GLSx9pAdmiYLbg2b9akrLhhdOrM_n5NVTf38dZ4DBOeRMCsLGepS7AOM2kO4dJbMLbIflitgMHA7zyByoz7gBAGABvyTrIfyyaeCK6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2ayU9Awen-pq6kYRMx7551ObC1CQ%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28735e29ff972cc8159c6dce5500bbace2eefbd37b9ba5d396ec47f3a3e779df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 566506
cf-polished: origFmt=png, origSize=128376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 124336
cf-bgj: imgq:85,h2pri
last-modified: Sun, 20 Nov 2022 14:22:57 GMT
server: cloudflare
etag: "dd616f3dcd32b488815b66119750da8b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xeb%2BoMb7noh6VQSCM55%2BN7ijQGOoVvJa1htCYtrrBfdz%2B9x03IN41l2P5x5iVquw1Q2VhquCeGETWjAGirPLS04OFQjk5xHkYLmx3QfQJqzHWRTI8OpDo%2FKrVN4LdilqCLUeevECRLaObD33"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7707ddf42ea892a7-FRA
expires: Mon, 28 Nov 2022 03:44:44 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0B92 43 B
702 B 58ms
40ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2846301&v=21338&q=409672&r=412871&pv=1&pref3=oneidGjMSBfpfgQxgHKHeHGtPt7X7sZSYTJ78sQVeBoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 03:44:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2280 2 KB
2 KB 64ms
58ms Script
text/html 18.133.50.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j7ze3nsmambdb31zrttepn1w77sd5q1whw1pwrhsj7r4jjde0wex0fzmfjypagzfj8pyn0m4h75mz5a6c8tfgtzqyp5jzna2702y795rg93k0b6jdbrtmrkq9x0t8addmsp033x7m1z1nanhadzj12hq5y7ss1g1pc9561tnqhds5e5y9n49a007vgy3z9ve1cb38ze6t4qt0e1sg3rvy097y6erv2a57yvvsdjxrwmt6s77fnfctnxbdg4w2yzfxdg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%252526client%25253Dca-pub-8473763341054993%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-50-153.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 84596af034bb2b4d59c38df0858c44a95b7245acc29990f5722411874874b795

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 03:44:44 GMT
last-modified: Sun, 27 Nov 2022 03:44:44 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 27 Nov 2022 03:45:44 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2280 85 KB
31 KB 45ms
9ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j7ze3nsmambdb31zrttepn1w77sd5q1whw1pwrhsj7r4jjde0wex0fzmfjypagzfj8pyn0m4h75mz5a6c8tfgtzqyp5jzna2702y795rg93k0b6jdbrtmrkq9x0t8addmsp033x7m1z1nanhadzj12hq5y7ss1g1pc9561tnqhds5e5y9n49a007vgy3z9ve1cb38ze6t4qt0e1sg3rvy097y6erv2a57yvvsdjxrwmt6s77fnfctnxbdg4w2yzfxdg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%252526client%25253Dca-pub-8473763341054993%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:06:18 GMT
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 77907
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6mwVk0N60Tv62ndLjtUjJmVyHqvriqGLaUlpLS088FxcDbhrmwA1KQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 2280 15 KB
15 KB 53ms
8ms Image
image/png 13.32.121.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1669520984&Signature=obMqdmXyWeUYz4vP3KwlAnYHdx5oUGpRETRVEjg5wHlhdhPmKL-yP9GlnofY83x8Zxgll2KrQUatWZEt4OhkRK4Mi6bXoRyjUH7Y1RUmFYjI-s4cgotKW0Yo-Q1bE0dY-K0XrwIabRYF5--oILsYu0kN1vUnz~cvJ8SkJyV9RRIUetTLcCQjG9rm4uVP1yrXZ4lRYNXQvqIm1XrXyo~9hysZoaCQnFw2-QFbG~jVkrv1R9RArdTYs~tym2fCgJXzHX5K~-IXSkSIN5rLmAY2II7-9ShJKKD0RuwvP4dKyw5EM0TrsFaXyLDr90SnZNUL60cj~z1X1F8puzsBEb-2Cg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C322829%2C29432&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CDjBS3fwf25ewu3HmH9t1tZDAhxSmTYEXhZMAz%2CdE7HEfkf6q6sEHjHwtEtK7xTeS4T59ATgVmM&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CdE7HEfkf59DKuEHjHwtqCbXQfeS4T59ATgVmM%2CK1mCRfZfZQZS5HMHktzCgJkC7SAT84Jtp2Qx&c=300&d=250&e=&g=4adc79e545b77fa5d3d9836f2eb5586d%2F9502514422935218171&i=71725%2C21596%2C25179&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684115&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g9wzfbf29fxdgaqbp51nfeq1z849wfhjvhmajd3cywjsrrgswe9byeg803keyfjtygx71by0qbe30py33nafjxbbzqa47grrvr7hvn1rwxve1n5rav3mkqsxtbzz5ncvccb33zcj4gtebpgdb4k6sfq9ezgbv66fp20zqysej6rhk6n64msmyym7sk9v2xxf3nv3yb3wb826fca06r41xghczq6ns4rdpswe82za6n94d0xtx67abss3tqwbq49xkjh5yeyhye7t6ewbh0b0779%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNLuWK92CY83lHdfl7_UP1pOG6AuQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0Ln2zBE_NncyJ7mBWBWQ4ZR0mFfTP-KMy8uVQ_20utR0bMUrWm_VpyBsOEqihoWZgJ3rfAr92fg1nmmZFRkKaaiiO8kN8ZxS0H2WAR4KYXmEYzXAL20c558V1eEG9NryZepUmZfTWVEqsvAA7-gAX-vPJ0qi3zuYcc4-gU4ynUH2Hb30wy351HD-YndxZMMo9U3sVVDuHU-Ys1QnWPZK0iblNB0Q0MRtlQp62-GBxV9QNn_XHVC4c1xestLO_sR8PkmNWk1IvwAwh2NM-DhhlZ-apWvzU3OnP3St5tFBEo2m-rhZLVj8t3w9XsVLxBLrX1qYiIchDnYPj8oa31JRmwPML87XSxW7av4oaZSTVonzAJad4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_30zFrRLZA-O-tHoarl_LIoMLBp-A%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 26 Nov 2022 21:40:02 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 21883
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: HqjytYsIn6uzngN1-8UOfD1WH0eu6YEIUNwyiFzNhb8ESr66yJ3jCg==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 90D4 85 KB
31 KB 14ms
12ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g9d102f24tzm7ygf25hravwrccvh6nbem3m5v5c46hk2shqw7x9gggz3cc8t98bwgmj6xzeg1p8d4cpzh3q2hsb7639kgbktk70e8k3zyzttagm4gky5kx5pzcmkb5eer5cmeqewm3p1vn5ft76gkzbr9qr48cb7j0qfactqbm8qe6brjhza0nvx7a9ms5mvaggf7zzveh60g5wesvzf672ha0gcm03dwxj0hbjkjc184cw9c5jz3vq9k76n3cwr3j5c%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%252526client%25253Dca-pub-8473763341054993%252526adurl%25253D&clickref=oneidjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5woneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7oneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:06:18 GMT
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 77907
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6TZdEkE36_EJ2vpl513Y8HaTeUdcyTbJS_mS4VTQhxXI5Aq6U1hn1w==

GET
H2 200 1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame 90D4 55 KB
56 KB 20ms
13ms Image
image/jpeg 13.32.121.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1669520984&Signature=GS94JwNhxeSXV4xvokqJC7PNDBcpweSIAES5eakeF~7iZBv6EIWbqxG7x2dGcqUfMo6qOMyarzVTnfSY4mWXgrW48oUZ4AI8~7601XcJi6cwu00H9lSAe3curz9SPoJJk11Rcn-mLOVoukbGvNQoBdvqBs14ipS3QE6MTF3p7fxBzxotgo09RSsYvjC1HDazwZl57OP6VEmiM7MGcIWaB~EzG0Eop0m4XBoDOdcgYuOJZZn4XjWOWrDJ5aINTc6D3BMjjSZnYUt41absqTJ42jxHaIfOoZTwTMKnoUylyNkoRURiqp-d7xhFIzYZt0H-0eQLwAotaqYOCNm6CSzF6A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C182475%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CBjxSgfPfxbK9HxH6H3t9tVAQQCjSeT89Yt8pw7%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2Cjp5CEfGfqpP2sYHEH2tWC41XXfZSzT1BqTdr5w%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=254f7e95f31a18f9e029de20ad9f01a9%2F13201323578990648708&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669520684082&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h7n8hm0d78dexgkaz7edz4vk3cxt2hmndyd0fbb0rqpj3gsweg2yamchfem89mhyg447zcsy7d6h9vq8ngv0rqhp71p5hpgep92eya126mm4vct06fmnakyp3jgkbe0z6acdmc2aqqg8pmv58rwtvrpn6wb6qa7633j41yjc5jw4na2txgrkz72yps8cvzaqkp28jy46sc6k94zrfav17z81dy625famgt09nb4h4ekmxrzc83wksarwty19fkydk1vjeq8fmva1fe003q08ph8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3nxLK92CY8PqC8rX7_UPqqi0iAeQ4YGEXLaoworwAsCNtwEQASAAYJWCiYKYB4IBF2NhLXB1Yi04NDczNzYzMzQxMDU0OTkzyAEJqQL9XeJ6n3CxPuACAKgDAaoElQJP0FFHu9dab8k8NeNSB2KKAS3flQmD2kv4b8Vz6jHZrNr1W7_fC97x5Gp9g0A_vCO8Zf4mu-B8zJkC5NPblhN_pN4CbaJxY_ioWjqW1U6VWbx2gtQSf5O5PjqHhWtYt3shxg3xh4-jSnVCbI1SNAGmPeSGKb_6nbeo675Sg6Frj1dNLRpy5cSHdqxq-Anq0GQYQXhq8eUrziTOuw7OLF41fAa53knrilfxdGSrBkfV9USFm4RS5jnzXkZ27g6kjWTqaKXJ7l-0SryLdtKgHiiC-aGJSHTvSyLF0Eqvvasa8wjreWnhD9_4Ywo7egFUI82Uuyaoj7bnfwe0WhQCiQGJSZqm4ueYAJpuQqKFlnZ94HCb3vU74AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_218-6yXVl2gpFAniMS6mqyH1CYtg%2526client%253Dca-pub-8473763341054993%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 26 Nov 2022 18:18:23 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 69312
etag: "4e56b45a1411ee8d71fc40bc011df5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56674
x-amz-cf-id: j38gFmUlxfay350QUDRqu4-tTNBZKc_VyKVJ4lZsg213436tyHaEbg==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 90D4 16 B
233 B 68ms
67ms Fetch
application/json 18.132.178.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-132-178-175.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 03:44:45 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 97ms
22ms Preflight 18.132.178.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-178-175.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 27 Nov 2022 03:44:45 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2280 16 B
233 B 70ms
69ms Fetch
application/json 18.132.178.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-132-178-175.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 03:44:45 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 85ms
20ms Preflight 18.132.178.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-178-175.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 27 Nov 2022 03:44:45 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nitrotech.info
URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0

Domain: nitrotech.info
URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0

Domain: nitrotech.info
URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0

Domain: nitrotech.info
URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.ttf?v=2.4.0

Domain: nitrotech.info
URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0

Domain: nitrotech.info
URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff?v=2.4.0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPA6HlfiEZciA0eyrb4D3JIFKefGH9VM30fyQpjqrlD19PMkFYRyK4IXi0Ph0nktV-GGBPCmSSqBL2pfQoHHdfFgo7V0GH&sig=Cg0ArKJSzF1aPyy0_036EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=34&adk=2307692969&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1669520681255&rpt=345&ec=1&met=ce&wmsd=0&pbe=0

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DASkJ3FYnGHt-uVxdbKkrTu6Unw8pJYjX2fhjYrz2p8ztIAETHhhLrFNtAIhWyVjajooj_V6Z9__1SPF5ltQKXzWEodRbx8w7RKU%26google_hm%3D%5BUID%5D&google_gid=CAESEMCnkacCpoxXNApQUJWUjIg&google_cver=1

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nitrotech.info/	1970-01-20 17:21:20	Name: _ga Value: GA1.2.1469647755.1669520681
.nitrotech.info/	1970-01-20 07:46:47	Name: _gid Value: GA1.2.1822005554.1669520681
.nitrotech.info/	1970-01-20 07:45:20	Name: _gat_gtag_UA_132312568_1 Value: 1
.prebid.a-mo.net/	1970-01-20 16:30:56	Name: __amc Value: 1_1669520680_1669520680
.doubleclick.net/	1970-01-20 17:06:56	Name: IDE Value: AHWqTUl2Dkyr56DT_rGNeIY1iVjSLIgYPVb-fPTcWa7ppPl7Trg12t2gaTlWKhSiY3c
.adnxs.com/	1970-01-20 09:54:56	Name: uuid2 Value: 7181446083751950959
.casalemedia.com/	1970-01-20 09:54:56	Name: CMPS Value: 2137
.casalemedia.com/	1970-01-20 09:54:56	Name: CMPRO Value: 2137
.casalemedia.com/	1970-01-20 16:30:56	Name: CMID Value: Y4LdKaqhx5T4mb9vCLk.8wAA
.nitrotech.info/	1970-01-20 17:06:56	Name: __gads Value: ID=b0aa2a16cd2e247a:T=1669520680:S=ALNI_MaIw4RxU1Q3ZRicS5_dK-CJHCdmeA
.nitrotech.info/	1970-01-20 17:06:56	Name: __gpi Value: UID=00000b88e316ed08:T=1669520680:RT=1669520680:S=ALNI_Mb9p5R_joUov2RLs_N4vGqbwSfrLg
.adnxs.com/	1970-01-20 09:54:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?fgLw=T!]tbG8i_iqf!oN/@E'zz<*Z0Qh_%E=m!Jx`/niy3D.1RECrC3f.)7#sbAV43<QG=%9sk@3@'s>T=!F(x
.quantserve.com/	1970-01-20 09:54:56	Name: d Value: EGkBCQHWJ4EA
.quantserve.com/	1970-01-20 17:15:35	Name: mc Value: 6382dd2a-a53d8-f6b8a-90cbd
.pubmatic.com/	1970-01-20 07:46:47	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:54:56	Name: KADUSERCOOKIE Value: 00B39953-60D1-4D81-9457-630424C34FC2
.bidswitch.net/	1970-01-20 16:30:56	Name: tuuid Value: b49e6246-755d-4ec6-af61-01f503c60494
.bidswitch.net/	1970-01-20 16:30:56	Name: c Value: 1669520682
.bidswitch.net/	1970-01-20 16:30:56	Name: tuuid_lu Value: 1669520682
.scoota.co/	1970-01-20 17:21:20	Name: tuuid Value: 5eb5cbf2-f9e4-4aeb-87cb-3f2dedae76db
.scoota.co/	1970-01-20 17:21:20	Name: c Value: 1669520682
.scoota.co/	1970-01-20 17:21:20	Name: tuuid_lu Value: 1669520682
.travelaudience.com/	1970-01-20 17:14:08	Name: _tracker Value: %7B%22UUID%22%3A%2277EF2156-EA08-4C83-98E4-19C489D5DE96%22%7D
.lijit.com/	1970-01-20 16:30:56	Name: ljt_reader Value: FuCAuGZHjKsKXzj2QrCLdslB
.everesttech.net/	1970-01-20 16:30:56	Name: everest_g_v2 Value: g_surferid~Y4LdKwALHMc32QAT
.adform.net/	1970-01-20 08:28:32	Name: C Value: 1
.adform.net/	1970-01-20 09:11:44	Name: uid Value: 3288233973760957745
.casalemedia.com/	1970-01-20 09:54:56	Name: CMTS Value: 3220
.yahoo.com/	1970-01-20 16:31:18	Name: A3 Value: d=AQABBCzdgmMCEAbixQQ1acs_Bq_-XVR5wrYFEgEBAQEuhGOMYwAAAAAA_eMAAA&S=AQAAAtiXLDq8fyRbVF593_Uw4KM
.analytics.yahoo.com/	1970-01-20 16:30:56	Name: IDSYNC Value: 18yx~28ir
.1rx.io/	1970-01-20 16:30:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-10d3684b-96fe-4865-8363-6e807aca9b6b-003%22%7D
.de17a.com/	1970-01-20 16:23:44	Name: guid Value: 1.5331340715335168109
.360yield.com/	1970-01-20 09:54:56	Name: tuuid Value: ef40abf4-55ce-45b7-9dc5-b471e7a5bd54
.360yield.com/	1970-01-20 09:54:56	Name: tuuid_lu Value: 1669520684
.targeting.unrulymedia.com/	1970-01-20 16:30:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-10d3684b-96fe-4865-8363-6e807aca9b6b-003%22%7D
.awin1.com/	1970-01-20 07:46:47	Name: awpv13686 Value: 412871\|1669520684\|d4c2ee30-6e05-11ed-adce-2234a4c513ba
.simptrack.com/	1970-01-20 09:54:56	Name: ntm_tps__4011 Value: NNtNxZFbtderU6C7Id0zHYUjJ-wVbH8oy5BFXPTjH6iQ4f4sd6iOKEIbcLcAH4PXMlTfYBL1hsSMswEZyC9NfHJgm9jOileQER72cXGxr_NAeFqMFTAua9j-1Tc5peX3ICrV8PqrGlfrgEs4m1N27ggqhmIUpH2QUraBEIJLeGumL17lwv9A4xcRRSTYhgDce-9Rp4oV5aPr_0-1QuTgwnX-J7w46GQ-tb8N3eofgWkM5Z6nMuHR15TZIWHBOvQ5MpFJcY0KIzfiC4t4W8zWCMrCzkwKiRSEMB9r_fDoJadEoq32Tc5vrCETSKDx3CdMnx4lgNh8_TPOZRiHGDJZNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 09:54:56	Name: v0rur7gqspb3_uid Value: 088d6aacb7240cae
.awin1.com/	1970-01-20 07:59:44	Name: awpv15053 Value: 414235\|1669520684\|d4c7a920-6e05-11ed-adce-2234a4c513ba
.awin1.com/	1970-01-20 07:48:13	Name: awpv14968 Value: 412863\|1669520684\|d4c81e50-6e05-11ed-adce-2234a4c513ba
.awin1.com/	1970-01-20 08:28:32	Name: awpv11953 Value: 412871\|1669520684\|d4c84560-6e05-11ed-9d10-2262c713b6c4
.awin1.com/	1970-01-20 07:46:47	Name: awpv21338 Value: 412871\|1669520684\|d4c86c70-6e05-11ed-9d10-2262c713b6c4
.awin1.com/	1970-01-20 07:49:39	Name: awpv11354 Value: 412871\|1669520684\|d4c86c70-6e05-11ed-9792-223985e9a9b7
.awin1.com/	1970-01-20 07:55:25	Name: awpv11938 Value: 412871\|1669520684\|d4c908b0-6e05-11ed-9792-223985e9a9b7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 07:55:29	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1669520684_d4c908b0-6e05-11ed-9792-223985e9a9b7%22%2C%22sp%22%3A%22awin%22%7D
www.conrad.de/	1970-01-20 07:52:32	Name: HTLP_timestamp Value: 1669520684
www.conrad.de/	1970-01-20 07:52:32	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 07:45:22	Name: __cf_bm Value: 6Ov8xyfx_3A7lbBpH_rSuNrWVTge5W5Sd9uie7.aiow-1669520684-0-AaNLbvaDYmbytebJolDUAc75AW31uqUcx2piBEmQZ2XFp1XWZzLOrk5yz3I4+YuuDP13xCQmBYAHEj8lSoOKZOw=
.sportradarserving.com/	1970-01-20 16:30:56	Name: zuuid Value: 803764de-1c9c-4cbe-b9e8-7289b787b109
.sportradarserving.com/	1970-01-20 16:30:56	Name: c Value: 1669520684
.sportradarserving.com/	1970-01-20 16:30:56	Name: zuuid_lu Value: 1669520684
.sportradarserving.com/	1970-01-20 16:30:56	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 16:30:56	Name: zuuid_k_lu Value: 1669520684

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mail.nitrotech.info/ Message: Refused to execute script from 'https://api.viglink.com/api/sync.js?key=5eb3e48a16937e7047af24fd9b6aec65' because its MIME type ('image/gif') is not executable.
javascript	error	URL: https://mail.nitrotech.info/ Message: Access to font at 'https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://mail.nitrotech.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.nitrotech.info/ Message: Access to font at 'https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0' from origin 'https://mail.nitrotech.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://mail.nitrotech.info/ Message: Access to font at 'https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0' from origin 'https://mail.nitrotech.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.nitrotech.info/ Message: Access to font at 'https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.ttf?v=2.4.0' from origin 'https://mail.nitrotech.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.ttf?v=2.4.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.nitrotech.info/ Message: Access to font at 'https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://mail.nitrotech.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mail.nitrotech.info/ Message: Access to font at 'https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff?v=2.4.0' from origin 'https://mail.nitrotech.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nitrotech.info/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff?v=2.4.0 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a07007a0a92c860a50e72c407aa9bf7e.safeframe.googlesyndication.com
ad.doubleclick.net
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
api.viglink.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c0.wp.com
c1.adform.net
cdn.hooliganmedia.com
cdn.track.production.webgains.team
cdn.viglink.com
cm.g.doubleclick.net
cms.quantserve.com
cs.emxdgt.com
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i0.wp.com
ib.adnxs.com
image6.pubmatic.com
mail.nitrotech.info
match.360yield.com
match.adsrvr.org
nitrotech.info
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.wp.com
prebid.a-mo.net
prod-rtb.ad4mat.net
r.scoota.co
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
sync.teads.tv
tm.simptrack.com
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
nitrotech.info
pagead2.googlesyndication.com
sync.go.sonobi.com
104.111.239.217
104.111.242.245
104.218.53.78
108.138.7.114
13.32.121.109
142.250.185.194
142.250.186.166
147.75.85.234
151.101.2.49
172.64.154.237
18.132.178.175
18.133.50.153
18.156.0.31
18.66.147.41
185.80.39.216
185.89.211.84
192.0.76.3
192.0.77.2
192.0.77.37
198.47.127.19
205.185.216.42
213.155.156.168
213.19.147.45
216.52.2.30
216.58.212.130
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:7f05
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::200e
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:fa8:8806:12::1370
3.33.220.150
3.71.169.66
34.252.9.30
35.156.193.4
35.190.0.66
37.157.4.25
51.89.9.254
52.208.159.221
52.29.215.78
66.155.71.150
69.173.144.138
87.118.116.9
94.130.160.12
99.81.44.108
00cb5467cd1232cc0358b03f57cdba0c37d8a4c74fc8949a5dc62ab36e803c5c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e324054abac0e9b5ed244beb4b31ac768e32fd8caef77719f3400526a7a400
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
07bed1deb5dbe3b0786d89358a450bbe0cfea88eef7c2354049da09e8fff08f9
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd6f6984740ada40a715c0e48cac2894a2b3e1fcd2eb0def36027505c18ebf2
0d7fa1cbfe03479e3b9abf9da6827f91aa23aaf11d853b46f9680f604171e781
10bb9263224691c86143b228f9b60216c215aba19c4b6e9e8a2970af0d8415ac
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130258c738258aede53d50cd605361e26189d1176960bd440a8785d81e9ee331
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
25754d0039d747a2e7436638a0500088131f0b4ae044c20478109bfdbfd9f205
28735e29ff972cc8159c6dce5500bbace2eefbd37b9ba5d396ec47f3a3e779df
2b6e18132b3e4c063dadb4994dc4bd9821d761b1123bf55bf1875b737f7787b3
2c86e663a298943295c894374a60c759df230954d3cd7725a4d627bea9cf5139
2c96fd9c5c8dff263d1f8f5163d4b84521a0f5cf402aed7b6edf75bb7bf7bb12
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34304974ef119f85497c2b6b302283d0e14093a83610de992de545cedc5bf50d
362c823507a195c69b285a3303cd958b4fb44248a43692ebaf3fe59e0eb9d1bf
37a742b6a09a2eafb419dbe80fde3a708614d23638e75221ac3c5b238c6e723c
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4af8a9146036a779b8bfaf12c74af241c507a1ddba408e4873e483453730d3a5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4eec90ed1ea0331deea01748bad6a0392b544e8fef3b3d65e9ec0423af27bee9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
537df1b6d1a17489b9423f19b0ccb53ece779f1c623243ff6e6363014560a7bf
54efafedd29e2c4c6d99f4d786fc61080a00c0331c60ed9a55f2a26665a08793
5592e7f720df549627ea79f4f915955bf39354a0e720237cd78f952f82750383
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b167134ba97bfb4ed3777099f1259775c0befbec5cc48bf390d6b1549b01e0a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5e2562f6e3b772a132b9a8970e7e71d35ab03155e50a3cfe804e77acb545803e
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
602803228eaf94b86a6454875835d0bfb024fc0f0c04310a8c89b242d7838a73
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60e53c3f9f432bbc053705adec78dfe37d90fb98c7eb6c0a0a063ae3374687cd
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330321635589af9fecb5ca63ff0423180e373c8a6f1bf55ac89862128623b4f
6416fe13344d50a660b4e234892f03e1eed5b0cb8dc712280901ed2d1f719ecc
686325dbaeda3f70309282d31ea2370ad4f20ce4dac69f44bc9fe577d99bd3a6
6959e4e312edc5c770909e098f7535cb2bcdf1dccdf71e593cb3d80b20edc87a
6ad71904a039c4f80ce0f8d067971702ef8ad368ac0068d99a672b0e0051ffe5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
71936b6180cc569176357d7dccd28a3be85e563e38fddf8d3ea2acffe2a31eeb
71ca7fcb5b1f41918188022035ce72f844b299b7ffd064c4c9e3c9e596569743
72d4bd80c074db9631ee2d9d53f5b0b10f3eebd3b0ac732d2b21dddd259f8a7a
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7ab1af1c566362f69f51b953eb47c62338d20c1d6a9972aa8ed61f89b868a758
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7e18077864966ee3feee81cc6332e1693eadbc8e3a4cd0c9d5ae92d78612560d
7e2322a4caadef261d83772d418aa472139a97bc1a3b234c395e39c5f858b7c4
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84596af034bb2b4d59c38df0858c44a95b7245acc29990f5722411874874b795
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8b61af222a5710cf41a4ffac805cca7bd9ca51e81b8cedd8b7d44a270b8df348
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f691ee2d19fe2ad5175a85dc5022cf0d50825fd70df7acdeb3ffc6f1f116767
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
96f91dc6b5a3de61f6adc8c376578baefd53066da02350a3f9ac73b807d5dd6f
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9de0d24675d34b06af8a34918b566f94e8296d32228371766cbc15d8abc74195
9e65fb5b0032593b7b8fb12b27a01c3c2cefe7e0e231816ee2c8dda3a4355dd8
9f9093afac549fa0f24e54a23798dabcc1ca87f3fb1d4449e636a8ea99844527
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a07f9ff8217252d593f4c34fa3bb7adfa340b09700f19646ce6a2dd66a273194
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
aece3d630405b9bb90bbc06b7658eed4fa9f3c0e07f4475a93ef6fa05fcb932c
af0267055194b8495fca64e1134f6945df1cae01c54f88a387a8507d008ae3c5
b040974102721f50a1f3dd85b221eb411917e5cbdcbe04bb254df03465f49acd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b221acf2dddd384ad27c2de8f84d51da5d13444287955066cfa0ac289d3ee635
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4b8c718b9fd6d209bc12bad286b7dc5242bec6f545e6d6cc96d4fa0a9953a8b
b4cda0e60f723db24dc30c2b7f75d6dcc581d2573b0238226436812c9ec9911c
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7a7a1458058fc8e9a0b596590b7f7eb8a5c3b66280c1b626dc0678fe8f69013
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
baaf48723be42a649b89cf96c10c2cb139ae15cad2ad1a506aabd54d77974f5d
bb5972928c53de13c10520ed854a2952547490fe5fcb2890fd076aae35e2a0e4
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c35eb5ae37465e7b5a114042f046dfc210f0a1377dbb43df3e4813e1c9e68b54
c4f093b4ff0e53c909eedbf80a8770c7f08f89071528ff01d348c088dbd83e9b
c4fe355dfa317d1cfaf6a39aa324e94c8a96fcf73410b7f9eec59951cdfaa593
c6a918a3b6edbe96d7095f630260b5ac25367d741ecba2b53697be68354e447f
c6ea2e786fbaf7001d1b36afbab5d6d18a4cfa73d060128135618eff70ac9c8c
c78a38f48aa4252bdbee7ebebc0dc68eaa95f27d362aa58021fd2f085ca0df4a
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc8b31842f158584e6d62dab9a3a1cfa4a858d51b0a523022127e0569ed11c9c
cfae37ab4e0b9fe16e38411fee58b62ad905285c12c87ddfa258961733f3a04a
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d4db3694e72a35e329589d8417079df80c1d9b586ef0dfbb9f5f02f072368a05
d66bd9a769c3c5f3d5a2b77c18fca8ec6d548ae2233328dd229468aacc2e6667
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
dc27990b51165589f6a9817ad94ae97eca56d2c1517b59a8db86fd066ff1b358
de05e650b272365e0f6a7215ccc9c7a15200c3804b945d5467c10b2bd9e982a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e47e9aa6fcdaed6145226af22014bd02e5d7cd15597e82cbb8028387fedf05bc
e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274
e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c
e830e3fea3c9e952a81fc605b330380e3b2ffe513c74ba5b0e81761c338f88d1
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
ea06e20e464957a95f881358f0ac26d1979b7bd966d7cd63f410c45c54de4420
ee4b9ee789c598c647c9985bf7ba277204ea75e46d4c56baab6e368fd5d47eee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0edcc63b7bb7f89036ad871eaf2bd7957a3bff7bf84240d3f7016c5bc6fc894
f323501ea2d6719700c5b19f0d687ff59e8cb63afc97a48429a8c0b6c793096e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7e5cc2bc5cde96bd5ffb36f993d4d3cac05489cceb69cb534ae3eacb084eeab
f94c40827295309e660e47038ab6c021e897ec570d812298d3d475159ddc8596
f9c0e9be8df286a207ba50d9c4f7b09ce4d2a7bcd0b070a8fd081b7e5d5a2b2e
fb71dabb4230568da5c514b5a6772e61babd3bba54dc46f8dfd3d878a65c0087
fd596ae46a229199adbdc970bf42481366c1fa6d8c60433ffa15dd8ead21838b
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

mail.nitrotech.info Open in urlscan Pro 104.218.53.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

282 Requests

85 %HTTPS

35 %IPv6

48 Domains

66 Subdomains

47 IPs

9 Countries

4665 kBTransfer

8584 kBSize

54 Cookies

47 Outgoing links

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mail.nitrotech.info Open in urlscan Pro
104.218.53.78 Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

85 %
HTTPS

35 %
IPv6

48
Domains

66
Subdomains

47
IPs

9
Countries

4665 kB
Transfer

8584 kB
Size

54
Cookies

282 HTTP transactions
4 data transactions