urlscan.io logo urlscan.io
SecurityTrails logo

forum.killerfrogs.com Open in urlscan Pro
162.254.117.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forum.killerfrogs.com/
Effective URL: https://forum.killerfrogs.com/index.php?forums/-/list
Submission: On November 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 141 IPs in 14 countries across 115 domains to perform 500 HTTP transactions. The main IP is 162.254.117.67, located in San Diego, United States and belongs to HOSTDUPLEX, US. The main domain is forum.killerfrogs.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on November 6th 2021. Valid for: a year.
This is the only time forum.killerfrogs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 162.254.117.67 54555 (HOSTDUPLEX)
1 2a00:1450:400... 15169 (GOOGLE)
17 172.66.41.9 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:3... 15169 (GOOGLE)
2 8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 143.204.215.72 16509 (AMAZON-02)
2 172.64.151.162 13335 (CLOUDFLAR...)
3 2600:9000:223... 16509 (AMAZON-02)
7 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 23.35.236.201 16625 (AKAMAI-AS)
5 54.75.59.39 16509 (AMAZON-02)
5 185.64.189.112 62713 (AS-PUBMATIC)
3 12 185.89.210.153 29990 (ASN-APPNEX)
2 6 172.64.154.237 13335 (CLOUDFLAR...)
3 52.28.203.152 16509 (AMAZON-02)
6 34.149.20.76 15169 (GOOGLE)
3 18.195.196.208 16509 (AMAZON-02)
5 2602:803:c003... 26667 (RUBICONPR...)
9 15.197.193.217 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 34.201.233.242 14618 (AMAZON-AES)
1 2600:9000:21f... 16509 (AMAZON-02)
1 13.225.78.64 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:21f... 16509 (AMAZON-02)
4 54.156.81.40 14618 (AMAZON-AES)
5 104.18.33.19 13335 (CLOUDFLAR...)
2 13.225.78.71 16509 (AMAZON-02)
1 13.225.78.19 16509 (AMAZON-02)
2 13.224.189.97 16509 (AMAZON-02)
2 129.158.42.199 31898 (ORACLE-BM...)
1 7 2606:4700:10:... 13335 (CLOUDFLAR...)
2 8 216.52.2.39 30282 (AS-INAPCD...)
2 72.34.250.78 27630 (AS-XFERNET)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 46.51.193.50 16509 (AMAZON-02)
5 34.98.64.218 396982 (GOOGLE-CL...)
2 147.75.85.234 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 34.209.30.241 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 13.225.78.128 16509 (AMAZON-02)
1 3.134.15.126 16509 (AMAZON-02)
3 13.224.189.85 16509 (AMAZON-02)
1 52.49.181.242 16509 (AMAZON-02)
4 141.95.98.65 16276 (OVH)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 35.190.39.111 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 13.48.37.161 16509 (AMAZON-02)
3 178.250.0.157 44788 (ASN-CRITE...)
2 142.250.185.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 104.254.151.69 29990 (ASN-APPNEX)
10 27 142.250.181.226 15169 (GOOGLE)
1 184.24.4.64 16625 (AKAMAI-AS)
1 37.157.2.238 198622 (ADFORM)
6 34.231.111.174 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 104.111.218.105 16625 (AKAMAI-AS)
2 54.78.104.30 16509 (AMAZON-02)
1 23.35.236.188 16625 (AKAMAI-AS)
3 2.18.232.99 16625 (AKAMAI-AS)
1 3 51.89.9.252 16276 (OVH)
1 213.19.147.43 26120 (RHYTHMONE)
2 54.247.151.106 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
7 2600:1f18:1ac... 14618 (AMAZON-AES)
2 34.149.12.213 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
3 4 35.204.74.118 396982 (GOOGLE-CL...)
4 7 185.64.190.78 62713 (AS-PUBMATIC)
1 1 2600:9000:223... 16509 (AMAZON-02)
2 2 34.253.143.131 16509 (AMAZON-02)
4 5 18.156.0.31 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 54.93.177.145 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
7 7 18.159.93.136 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
6 6 142.250.185.198 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
1 46.4.62.19 24940 (HETZNER-AS)
1 78.46.85.162 24940 (HETZNER-AS)
3 4 23.203.81.208 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 148.251.139.77 24940 (HETZNER-AS)
1 18.133.151.109 16509 (AMAZON-02)
1 13.224.189.102 16509 (AMAZON-02)
1 99.86.4.53 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 9 185.80.39.216 27381 (CASALE-MEDIA)
2 3 198.47.127.18 3257 (GTT-BACKB...)
2 18 185.64.190.80 62713 (AS-PUBMATIC)
4 4 213.19.147.44 3356 (LEVEL3)
1 2600:1901:0:8... 15169 (GOOGLE)
2 3.11.155.214 16509 (AMAZON-02)
2 2 188.42.189.231 7979 (SERVERS-COM)
6 23.205.235.133 16625 (AKAMAI-AS)
2 67.202.105.23 32748 (STEADFAST)
1 2606:2800:233... 15133 (EDGECAST)
1 192.96.203.13 30633 (LEASEWEB-...)
2 151.101.193.108 54113 (FASTLY)
3 4 37.157.6.247 198622 (ADFORM)
2 2 213.155.156.165 1299 (TWELVE99 ...)
3 3 103.229.206.240 30419 (MEDIAMATH...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 4 52.94.223.37 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 4 52.48.190.42 16509 (AMAZON-02)
1 1 54.237.254.37 14618 (AMAZON-AES)
4 4 151.101.130.49 54113 (FASTLY)
1 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 5.161.54.172 213230 (HETZNER-C...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.140 16276 (OVH)
1 1 141.94.171.214 16276 (OVH)
3 54.75.190.240 16509 (AMAZON-02)
2 72.251.245.179 32475 (SINGLEHOP...)
4 198.47.127.20 3257 (GTT-BACKB...)
2 2 141.94.170.64 16276 (OVH)
2 2 18.198.126.47 16509 (AMAZON-02)
2 2 99.81.44.108 16509 (AMAZON-02)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.149 13768 (COGECO-PEER1)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
3 3 185.89.210.46 29990 (ASN-APPNEX)
1 104.18.36.94 13335 (CLOUDFLAR...)
1 3 52.46.151.131 16509 (AMAZON-02)
1 1 96.16.141.156 16625 (AKAMAI-AS)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 3 69.173.144.138 26667 (RUBICONPR...)
1 8.43.72.98 26667 (RUBICONPR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 34.193.228.225 14618 (AMAZON-AES)
4 2600:9000:21f... 16509 (AMAZON-02)
1 35.175.58.71 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 18.210.87.63 14618 (AMAZON-AES)
1 1 34.199.177.9 14618 (AMAZON-AES)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
500 141
26    162.254.117.67 (San Diego, United States)

ASN54555 (HOSTDUPLEX, US)
PTR: ip67.162-254-117.static.hostduplexdns.net
forum.killerfrogs.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
17    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3061.infolinks.com
1    2a00:1450:4001:806::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2600:9000:21f3:7800:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
readymoon.com
8    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
16    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    143.204.215.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-72.fra53.r.cloudfront.net
static.solutionshindsight.net
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    2600:9000:223f:1600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2600:9000:206f:5800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
6    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    54.75.59.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
ads.servenobid.com
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
3    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
6    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
3    18.195.196.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-196-208.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
5    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
9    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.201.233.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-233-242.compute-1.amazonaws.com
geoip.insticator.com
1    2600:9000:21f3:800:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
1    13.225.78.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-64.fra2.r.cloudfront.net
get.s-onetag.com
2    2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    2600:9000:21f3:a600:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
product.instiengage.com
4    54.156.81.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-81-40.compute-1.amazonaws.com
event.insticator.com
5    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
ssum-sec.casalemedia.com
2    13.225.78.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-71.fra2.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.225.78.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-19.fra2.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.224.189.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-97.fra2.r.cloudfront.net
signal-segments.s-onetag.com
2    129.158.42.199 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
insticator.technoratimedia.com
7    2606:4700:10::ac43:2954 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
8    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    72.34.250.78 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    46.51.193.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-193-50.eu-west-1.compute.amazonaws.com
g2.gumgum.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
insticator-d.openx.net
google-bidout-d.openx.net
os4m-d.openx.net
u.openx.net
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
3a96a8120a9ce8d2357fea80ddd9a943.safeframe.googlesyndication.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.209.30.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-30-241.us-west-2.compute.amazonaws.com
id.sharedid.org
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    13.225.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net
tags.crwdcntrl.net
1    3.134.15.126 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-15-126.us-east-2.compute.amazonaws.com
prod.uidapi.com
3    13.224.189.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-85.fra2.r.cloudfront.net
cdn1.opstag.com
1    52.49.181.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
26    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
adservice.google.de
39    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    13.48.37.161 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-37-161.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
lax1-ib.adnxs-simple.com
27    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    184.24.4.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-4-64.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
6    34.231.111.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-111-174.compute-1.amazonaws.com
gw.geoedge.be
5    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    104.111.218.105 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-105.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
2    54.78.104.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-104-30.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs-simple.com
3    2.18.232.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-99.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
secure.flashtalking.com
3    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    54.247.151.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-151-106.eu-west-1.compute.amazonaws.com
d9.flashtalking.com
2    2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
7    2600:1f18:1aca:4281:dbf8:cb33:6058:925d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
4    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
7    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2600:9000:223f:7200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    34.253.143.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-143-131.eu-west-1.compute.amazonaws.com
match.360yield.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    54.93.177.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-177-145.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
ipac.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
7    18.159.93.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-93-136.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
6    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.o2online.de
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
4    23.203.81.208 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-81-208.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
1    18.133.151.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
track.webgains.com
1    13.224.189.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-102.fra2.r.cloudfront.net
analytics.webgains.io
1    99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
9    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
18    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
4    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    3.11.155.214 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-155-214.eu-west-2.compute.amazonaws.com
api.webgains.io
2    188.42.189.231 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
6    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    67.202.105.23 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
1    192.96.203.13 (Bethesda, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
3    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    52.48.190.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-190-42.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    54.237.254.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-254-37.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.140 (France)

ASN16276 (OVH, FR)
PTR: bixel-6.cloudy.ovh
green.erne.co
1    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
3    54.75.190.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
4    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
2    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
2    99.81.44.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-44-108.eu-west-1.compute.amazonaws.com
r.scoota.co
3    2a05:d018:d29:3605:9b7c:1499:54cd:6891 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    104.18.36.94 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
3    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    34.193.228.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-228-225.compute-1.amazonaws.com
geoip.instiengage.com
4    2600:9000:21f3:9a00:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
1    35.175.58.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-58-71.compute-1.amazonaws.com
cms.instiengage.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    18.210.87.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-87-63.compute-1.amazonaws.com
a.audrte.com
1    34.199.177.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-177-9.compute-1.amazonaws.com
sync.ipredictive.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
Apex Domain
Subdomains		 Transfer
64 googlesyndication.com
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
3a96a8120a9ce8d2357fea80ddd9a943.safeframe.googlesyndication.com
472 KB
60 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
ad.doubleclick.net — Cisco Umbrella Rank: 173
419 KB
44 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 458
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
image6.pubmatic.com — Cisco Umbrella Rank: 662
image8.pubmatic.com — Cisco Umbrella Rank: 561
image2.pubmatic.com — Cisco Umbrella Rank: 882
simage2.pubmatic.com — Cisco Umbrella Rank: 671
image4.pubmatic.com — Cisco Umbrella Rank: 822
simage4.pubmatic.com — Cisco Umbrella Rank: 1110
aud.pubmatic.com — Cisco Umbrella Rank: 4434
176 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28280
ad4m.at — Cisco Umbrella Rank: 9541
assets.ad4m.at — Cisco Umbrella Rank: 36321
1 MB
26 killerfrogs.com
forum.killerfrogs.com
704 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 823
38 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
as-sec.casalemedia.com — Cisco Umbrella Rank: 1339
dsum.casalemedia.com — Cisco Umbrella Rank: 1372
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
14 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 426
48 KB
17 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 6735
router.infolinks.com — Cisco Umbrella Rank: 2500
rt3061.infolinks.com — Cisco Umbrella Rank: 67923
323 KB
13 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1552
gw.geoedge.be — Cisco Umbrella Rank: 1724
399 KB
12 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 546
pixel.adsafeprotected.com — Cisco Umbrella Rank: 605
dt.adsafeprotected.com — Cisco Umbrella Rank: 518
98 KB
11 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1118
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
30 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
9 instiengage.com
auth.instiengage.com — Cisco Umbrella Rank: 18526
product.instiengage.com — Cisco Umbrella Rank: 21430
geoip.instiengage.com — Cisco Umbrella Rank: 23993
static.instiengage.com — Cisco Umbrella Rank: 27536
cms.instiengage.com — Cisco Umbrella Rank: 32327
163 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
3 KB
9 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1821
lexicon.33across.com — Cisco Umbrella Rank: 1762
ssc-cms.33across.com — Cisco Umbrella Rank: 874
1 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 390
mug.criteo.com — Cisco Umbrella Rank: 2725
dis.criteo.com — Cisco Umbrella Rank: 631
9 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
6 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
5 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
3 KB
7 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 746
cdn.flashtalking.com — Cisco Umbrella Rank: 1032
d9.flashtalking.com — Cisco Umbrella Rank: 1596
secure.flashtalking.com — Cisco Umbrella Rank: 2224
55 KB
7 openx.net
insticator-d.openx.net — Cisco Umbrella Rank: 21698
oajs.openx.net — Cisco Umbrella Rank: 2629
google-bidout-d.openx.net — Cisco Umbrella Rank: 2541
os4m-d.openx.net — Cisco Umbrella Rank: 31164
u.openx.net — Cisco Umbrella Rank: 656
1 KB
7 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 8304
2 KB
6 adnxs-simple.com
lax1-ib.adnxs-simple.com — Cisco Umbrella Rank: 21142
cdn.adnxs-simple.com — Cisco Umbrella Rank: 16107
36 KB
6 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3508
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4295
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4474
signal-segments.s-onetag.com — Cisco Umbrella Rank: 8686
19 KB
5 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1413
sync.1rx.io — Cisco Umbrella Rank: 519
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
109 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1373
c1.adform.net — Cisco Umbrella Rank: 582
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
216 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 984
bcp.crwdcntrl.net — Cisco Umbrella Rank: 744
sync.crwdcntrl.net — Cisco Umbrella Rank: 714
11 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1084
id5-sync.com — Cisco Umbrella Rank: 479
20 KB
5 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 24482
event.insticator.com — Cisco Umbrella Rank: 19980
668 B
5 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
3 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5922
adservice.google.de — Cisco Umbrella Rank: 8709
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
1 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 465
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
2 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 99097
static-de.ad4mat.net — Cisco Umbrella Rank: 135123
8 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 448
tps.doubleverify.com — Cisco Umbrella Rank: 457
tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9195
109 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22314
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24650
740 B
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13081
pixel.onaudience.com — Cisco Umbrella Rank: 3206
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
2 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 17892
api.webgains.io — Cisco Umbrella Rank: 57986
31 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15574
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
702 B
3 opstag.com
cdn1.opstag.com — Cisco Umbrella Rank: 25184
111 KB
3 technoratimedia.com
insticator.technoratimedia.com — Cisco Umbrella Rank: 23034
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 2560
8 KB
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 961
484 B
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
15 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1771
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4014
624 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
943 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 32840
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 25718
2 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1298
565 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4495
562 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1902
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
764 B
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 74155
593 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 73310
371 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4467
751 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 41131
ipac.ctnsnet.com — Cisco Umbrella Rank: 5115
922 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3075
786 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
101 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6867
258 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
441 B
2 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1324
2 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1891
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3009
593 B
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1477
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1411
92 KB
2 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 30267
30 KB
2 readymoon.com
readymoon.com
28 KB
2 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
130 KB
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 398
imasdk.googleapis.com — Cisco Umbrella Rank: 413
140 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 830
554 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2386
383 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3087
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
708 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3659
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1949
534 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 559
191 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16063
367 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5822
282 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6159
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 840
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
619 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
588 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 2762
413 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1486
367 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 57421
19 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 45190
2 KB
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 85917
517 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 62594
635 B
1 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 19106
697 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 106057
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 80510
1 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2182
173 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 661
441 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3970
522 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1554
345 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 2780
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 6416
2 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 2563
904 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2812
8 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 762
364 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
43 KB
0 agkn.com Failed
fid.agkn.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 betrad.com Failed
c.betrad.com Failed
500 115
Domain Requested by
39 tpc.googlesyndication.com rumcdn.geoedge.be
forum.killerfrogs.com
tpc.googlesyndication.com
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
27 cm.g.doubleclick.net 10 redirects d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
26 forum.killerfrogs.com 1 redirects forum.killerfrogs.com
19 pagead2.googlesyndication.com rumcdn.geoedge.be
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
forum.killerfrogs.com
16 securepubads.g.doubleclick.net storage.googleapis.com
securepubads.g.doubleclick.net
rumcdn.geoedge.be
forum.killerfrogs.com
www.googletagservices.com
14 simage2.pubmatic.com ads.pubmatic.com
12 assets.ad4m.at as.ad4m.at
12 ib.adnxs.com 3 redirects forum.killerfrogs.com
df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
acdn.adnxs.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 match.adsrvr.org js-sec.indexww.com
ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at rumcdn.geoedge.be
as.ad4m.at
ad4m.at
8 ap.lijit.com 2 redirects df80k0z3fi8zg.cloudfront.net
rumcdn.geoedge.be
cdn1.opstag.com
8 www.google.com 2 redirects forum.killerfrogs.com
tpc.googlesyndication.com
rumcdn.geoedge.be
7 x.bidswitch.net 7 redirects
7 image6.pubmatic.com 4 redirects ads.pubmatic.com
7 dt.adsafeprotected.com forum.killerfrogs.com
7 ex.ingage.tech 1 redirects df80k0z3fi8zg.cloudfront.net
ads.pubmatic.com
ssum-sec.casalemedia.com
7 rt3061.infolinks.com resources.infolinks.com
rumcdn.geoedge.be
forum.killerfrogs.com
7 rumcdn.geoedge.be forum.killerfrogs.com
rumcdn.geoedge.be
7 resources.infolinks.com forum.killerfrogs.com
rumcdn.geoedge.be
resources.infolinks.com
6 eus.rubiconproject.com df80k0z3fi8zg.cloudfront.net
eus.rubiconproject.com
ex.ingage.tech
cdn1.opstag.com
6 ad.doubleclick.net 6 redirects
6 gw.geoedge.be rumcdn.geoedge.be
6 ssc.33across.com forum.killerfrogs.com
df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
6 ads.pubmatic.com forum.killerfrogs.com
df80k0z3fi8zg.cloudfront.net
ads.pubmatic.com
cdn1.opstag.com
5 ups.analytics.yahoo.com 4 redirects df80k0z3fi8zg.cloudfront.net
5 cdn.ampproject.org rumcdn.geoedge.be
5 lax1-ib.adnxs-simple.com blank
lax1-ib.adnxs-simple.com
cdn.adnxs-simple.com
5 www.googletagservices.com rumcdn.geoedge.be
forum.killerfrogs.com
5 googleads.g.doubleclick.net rumcdn.geoedge.be
forum.killerfrogs.com
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
5 d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
5 fastlane.rubiconproject.com forum.killerfrogs.com
df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
5 hbopenbid.pubmatic.com forum.killerfrogs.com
df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
5 ads.servenobid.com forum.killerfrogs.com
4 static.instiengage.com
4 token.rubiconproject.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 match.prod.bidr.io 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ssum-sec.casalemedia.com df80k0z3fi8zg.cloudfront.net
js-sec.indexww.com
ssum-sec.casalemedia.com
4 sync.1rx.io 4 redirects
4 image2.pubmatic.com 2 redirects ads.pubmatic.com
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 gum.criteo.com 2 redirects rumcdn.geoedge.be
4 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
4 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
4 htlb.casalemedia.com forum.killerfrogs.com
df80k0z3fi8zg.cloudfront.net
3 pixel.rubiconproject.com 1 redirects
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
3 secure.adnxs.com 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 sync.crwdcntrl.net ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 image8.pubmatic.com 2 redirects
3 www.awin1.com 2 redirects as.ad4m.at
3 pm.w55c.net 3 redirects
3 onetag-sys.com 1 redirects cdn1.opstag.com
3 mug.criteo.com forum.killerfrogs.com
3 cdn1.opstag.com rumcdn.geoedge.be
cdn1.opstag.com
3 adservice.google.com rumcdn.geoedge.be
securepubads.g.doubleclick.net
3 adservice.google.de rumcdn.geoedge.be
securepubads.g.doubleclick.net
3 btlr.sharethrough.com forum.killerfrogs.com
3 c2shb.ssp.yahoo.com forum.killerfrogs.com
3 static.adsafeprotected.com readymoon.com
pixel.adsafeprotected.com
blank
3 router.infolinks.com resources.infolinks.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cr.frontend.weborama.fr 2 redirects
2 a.audrte.com 1 redirects
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 ad.turn.com 2 redirects
2 r.scoota.co 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 cm.adgrx.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 d5p.de17a.com 2 redirects
2 acdn.adnxs.com df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
2 ssc-cms.33across.com df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
2 ads.betweendigital.com 2 redirects
2 u.openx.net df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
2 api.webgains.io analytics.webgains.io
2 dsum.casalemedia.com 2 redirects
2 pixel.tapad.com 1 redirects resources.infolinks.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 pool.admedo.com 2 redirects
2 static-de.ad4mat.net as.ad4m.at
2 match.360yield.com 2 redirects
2 prod-rtb.ad4mat.net rumcdn.geoedge.be
2 cdn.doubleverify.com cdn.flashtalking.com
forum.killerfrogs.com
2 d9.flashtalking.com cdn.flashtalking.com
d9.flashtalking.com
2 cdn.flashtalking.com servedby.flashtalking.com
blank
2 pixel.adsafeprotected.com lax1-ib.adnxs-simple.com
forum.killerfrogs.com
2 servedby.flashtalking.com forum.killerfrogs.com
blank
2 pubads.g.doubleclick.net 1 redirects forum.killerfrogs.com
2 s0.2mdn.net d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 googleads4.g.doubleclick.net rumcdn.geoedge.be
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 oajs.openx.net 1 redirects forum.killerfrogs.com
2 prebid.a-mo.net df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
2 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
2 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
cdn1.opstag.com
2 insticator.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 signal-segments.s-onetag.com get.s-onetag.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 auth.instiengage.com rumcdn.geoedge.be
auth.instiengage.com
2 cdn.confiant-integrations.net d3lcz8vpax4lo2.cloudfront.net
cdn.confiant-integrations.net
2 js-sec.indexww.com storage.googleapis.com
df80k0z3fi8zg.cloudfront.net
2 static.solutionshindsight.net storage.googleapis.com
static.solutionshindsight.net
2 www.google.de forum.killerfrogs.com
2 readymoon.com forum.killerfrogs.com
readymoon.com
2 stats.g.doubleclick.net www.google-analytics.com
1 idsync.frontend.weborama.fr
1 sync.ipredictive.com 1 redirects
1 mwzeom.zeotap.com
1 aud.pubmatic.com
1 cms.instiengage.com product.instiengage.com
1 geoip.instiengage.com product.instiengage.com
1 product.instiengage.com d3lcz8vpax4lo2.cloudfront.net
1 tpsc-eu3.doubleverify.com cdn.doubleverify.com
1 id.a-mx.com cdn1.opstag.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 px.ads.linkedin.com
1 secure-assets.rubiconproject.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.aralego.com df80k0z3fi8zg.cloudfront.net
1 ad-cdn.technoratimedia.com df80k0z3fi8zg.cloudfront.net
1 lexicon.33across.com ads.pubmatic.com
1 dmp.brand-display.com 1 redirects
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 banner.congstar.de as.ad4m.at
1 www.conrad.de as.ad4m.at
1 www.zenaps.com 1 redirects
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 tr.blismedia.com d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 secure.flashtalking.com blank
1 tps.doubleverify.com cdn.doubleverify.com
1 3a96a8120a9ce8d2357fea80ddd9a943.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tag.1rx.io cdn1.opstag.com
1 os4m-d.openx.net cdn1.opstag.com
1 cdn.adnxs-simple.com lax1-ib.adnxs-simple.com
1 google-bidout-d.openx.net rumcdn.geoedge.be
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 protected-by.clarium.io d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 prod.uidapi.com rumcdn.geoedge.be
1 tags.crwdcntrl.net rumcdn.geoedge.be
1 invstatic101.creativecdn.com rumcdn.geoedge.be
1 cdn.id5-sync.com rumcdn.geoedge.be
1 id.sharedid.org rumcdn.geoedge.be
1 static.criteo.net rumcdn.geoedge.be
1 oa.openxcdn.net rumcdn.geoedge.be
1 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
1 web.hb.ad.cpe.dotomi.com df80k0z3fi8zg.cloudfront.net
1 signal-beacon.s-onetag.com rumcdn.geoedge.be
1 as-sec.casalemedia.com js-sec.indexww.com
1 get.s-onetag.com rumcdn.geoedge.be
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 api.rlcdn.com js-sec.indexww.com
ads.pubmatic.com
1 imasdk.googleapis.com forum.killerfrogs.com
1 d3lcz8vpax4lo2.cloudfront.net forum.killerfrogs.com
1 storage.googleapis.com forum.killerfrogs.com
1 www.googletagmanager.com forum.killerfrogs.com
0 fid.agkn.com Failed cdn1.opstag.com
0 cm-supply-web.gammaplatform.com Failed ssum-sec.casalemedia.com
0 c.betrad.com Failed blank
500 193

This site contains links to these domains. Also see Links.

Domain
killerfrogs.com
buy.ticketstothecity.com
Subject Issuer Validity Valid
forum.killerfrogs.com
AlphaSSL CA - SHA256 - G2		 2021-11-06 -
2022-12-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-14 -
2023-06-14		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
readymoon.com
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
solutionshindsight.net
Amazon		 2022-01-20 -
2023-02-18		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
gw.geoedge.be
Amazon		 2022-09-12 -
2023-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-27 -
2023-08-26		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.confiant-integrations.net
E1		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2022-07-13 -
2023-08-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-10-06 -
2023-01-04		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
id.sharedid.org
Amazon		 2022-11-08 -
2023-12-07		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2022-11-02 -
2023-01-31		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.opstag.com
Amazon		 2022-09-29 -
2023-10-27		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2022-09-26 -
2022-12-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2022-02-25 -
2023-03-28		 a year crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA		 2022-01-02 -
2023-02-02		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-11 -
2023-11-12		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-20 -
2023-05-20		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2022-07-25 -
2023-08-26		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-10-15 -
2023-01-13		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh

This page contains 78 frames:

Primary Page: https://forum.killerfrogs.com/index.php?forums/-/list
Frame ID: E57B631F12EC0D8B8EDAEF360BD44F3D
Requests: 165 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3260010&wsid=7&pdom=forum.killerfrogs.com&purl=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist
Frame ID: 2BC807DCD344F824F99F4C3ECDB42A6C
Requests: 1 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 3DA4C5E32AF05F4A386C82C7D1FA3917
Requests: 2 HTTP requests in this frame

Frame: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA0BDC0D3BB51C71389821A83B71BCC4
Requests: 1 HTTP requests in this frame

Frame: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7746BD0014D3646B896560412488F43C
Requests: 20 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=forum.killerfrogs.com
Frame ID: DA544A584C2DF1A3D1FADD735C1758E7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYvOm02AEwAQ&v=APEucNVTEOEv9L8GkI-TyQckc1rRBaJG4QvkCJKK0tEXJCB6jKKHOrNNn1NH2F9IMhe1kkLotmYubKqhty2KAc7Es4FvPJATgGqNPLiXPHeVqlHBSZmi-RfRyDjnIChe31kAqQl6_Ln00c6zR9cXUSbznpOf5BoqF0wTf2fb87L-gzjoNr4TyZY
Frame ID: B8C2BC59D64FAB862D15E3AD77B8A05C
Requests: 3 HTTP requests in this frame

Frame: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 99EDFC17DD9B35D6B6A781E1978BC554
Requests: 11 HTTP requests in this frame

Frame: https://lax1-ib.adnxs-simple.com/ab?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QLFDmxFBwAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF4ASo2CcT1KFyPwtU_EVqGONbFbdA_GQAAAKBwPR1AIRESBCnDDSTYMQAAAOB6FPI_MLbk1Qw4sxlA2AhIAlDX4Py8AVjF0okBYABoyo6hAXjO5QOAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDQ1Nzk3OTgsIDApOwEULGknLCA3Njg4MjEzLBEULGcnLCAxOTIwNTIzNRUVLGMnLCA1NDE3MTM0MhUVMHInLCAzOTYzMDg1NjcFFvCQkgKpBSFRNG5kX2dqT3Jlb1pFTmZnX0x3QkdBQWd4ZEtKQVRBQk9BQkFBRWpZQ0ZDMjVOVU1XQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZWVvNGhLUXd0VV93UUhucU9JU2tNTFZQOGtCQUFBQUFBQUE4RF9aQVFBQQUPdFBBXzRBR1ZvTlVEOVFIRDlUQkFtQUlBb0FJQ3RRSQUjAHYNCPC8d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMdWt5U1lRQkJnQkxSQWRmem1pQXhNSWthbkRKUkFLR0FFdHRQYUVQeklEZFc1cnVnTUpURUZZTVRvMU9UWXc0QVBsTDRBRTRkTzBDWWdFNHRPMENaQUVBSmdFQkxJRUNnalJoZUVNRU1fVW9RMnlCQW9JMDVMYURCRFAxS0VOdWdRYUNJVUVFUUFBQUFBQUFOQV9HEQxYQUFBSUtmMTVRNjZCQm9JbmdrUm1wbVoBAgx5VDhaASANATBnMFlYaERNRUV6Y3pNAQIQM0RfSkINHQEBFDJBUUE4US5ZABhnRnlDNnBCERMUUEFfc1FVASsJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmRDSkF2QUY4NWlVQ2ZnRjFzT1hBb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdBQUEFAixCRUNvQmdTeUJpUUoFEQkBAFIJBwUBLuwAAGgFEgUBREM0QmdvLpoCmQEhS2hoWkVBajatAixNWFNpUUVnQUNnQU0R6VRBUkFPZ2xNUVZneE9qVTVOakJBNVM5FXkIOEQ5HXkAQh15CEJoejVdBDlwBYAFAQRCeAUHBQFBaABrNXjwSThEOC6yAgEw2AKkQ-AC6vkl6gIVZm9ydW0ua2lsbGVyZnJvZ3MuY29t8gIRCgZBRFZfSUQSBzQ1Nzk3OTjyAhIKBkNQR19JRBIIccgY8gIKCgVDUAEoOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAAHgkgLENPREUSEjAwMThkMAEBPDduYVdQQUFZ8gInCghDUEcJIQwbYTFuDSFcMHVENWJBQUVEaXNjb3ZlcnnyAgsKB0NQCSkcAPICEAoFSU8BhgAHjXYY8gIdCgdJTwkhABJGSgBA8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCLATCAAwGIAwCQAwCYAxSgAwGqAwDAA6wCyAMA2AP7iQbgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAo4MS45NS41LjMwqATPTbIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjExMTIjTEFYMTo1OTYw2gQCCAHgBADwBNfg_LwBiAUBmAUAoAXRP_BA_wGqBSpiYTdlNDk1MS1iMTM2LTQ5MzAtOGI5Zi1kNTZmYzk2OTg1OGR-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAFDHAAANgFAeAFAfAFBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=c9722f410fe077db462b7e95b9d1f6ddb3de969e&pp=0.2567
Frame ID: 0049F694FDE2A514E7E85578058C748E
Requests: 17 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Frame ID: CB76C556C0507341611FFAAF4F2F1C11
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 577A341314D78F5253E96F87AFE76B59
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E7BC64DB6A6C096D9B4F3CFD571AD01A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html
Frame ID: D935B6030D32F96D463EDE21C18BFEB8
Requests: 15 HTTP requests in this frame

Frame: https://cdn1.opstag.com/13437/prebid.js
Frame ID: A84EB1A7F3E9D7691BE3C617BBDA3E6C
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CBB436B2597BACD0F212601307D9DB3B
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13385103&gdpr_consent=&us_privacy=
Frame ID: 302A7077CD7A12C8E58821D8DDA4B0F4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F20A42BE35850D9D5171BC8BFEA66215
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3196.js
Frame ID: 574F3A581C8D656BE37C194F40BE8128
Requests: 3 HTTP requests in this frame

Frame: https://3a96a8120a9ce8d2357fea80ddd9a943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FE2E9CE924D6EDD570735ED3D1E7C6C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE8BD2E909F640B121D580DB1EFC0E73
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 244C295F24DFAD520FBD5171A7DE5B3E
Requests: 2 HTTP requests in this frame

Frame: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E9D9A83172BF334DC82661A31379E8F4
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hjwatam0x2rm88xs1a00xpa14v5erb0fns6nv2ed4xxt5v8zfp4f3mh5qt0cnpapdb3y83tgbsg1mm4txb68bdv1ryx6em8h1ksbd0mqnbsfykppvbtbt0nwabj7zafa5j2mw08xfp2kfn637jkvk5gxv9r0rp3xx34g9debg01mb87hk32m89zx00sv5wzxyb8y2y5nz4379nrxhzb24m8qydksh99jbyh82hbxhbnqbeknvfxz063h8cyrz3accj8mfh0q3nm8p74ahvassecthg0zfavnmqrp90vt8kf85c82yg75jnpva60b0shsgz8srycvfj94w5g5nt30n19w7hnrrc58090dd9gxsphz3mjv93twnyxdp01yzs0bpdc0g7q2ypfyk762nbmy6vdjhsyqe60a6g83g8k8x70rfs9mph78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: 0AC68EA7527DB58635672C781152FA15
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0006361651F4C8AA6038007D22CC8F65
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D7F938163EBBF16D2A73D3041145B9CF
Requests: 1 HTTP requests in this frame

Frame: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B8C7C499F10EB5897B9C71FB5CFD345B
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jp24mw9p742ktzhcdhqpbvyhewppp3d2aqd2f6qgwsva2mk3m3vvfhhk0na194pdb8tdtk55mzyysfydy636yftn74c43zt1ktchq14mcaxw3a1xen3bdbjyt56wnzkqywj0v9t1s8je4fqwcqzttw7sj4xgjj7s3gjyj3zzr36bfzt0ccqfkwjqfrdpyenwjnb3sb3179k5b4fncdw4dw9vckwwjv633005sh3hvdh00tbahseq538kkdftdybkkygz02y22jvzdngtye3p6x12n8b6aj51d6xjpjfkj6dxyca1xqp6e3j82xtkb100xct5s6q43zpnmmm1dhgqx26as9wwvm989m71fhptmmh3g1taad76ntbrprecs09ahk8dtqbar8nqv2meywn9r8pz27z4cb8ygrnfrb5ank4jt3xt2hva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: A5EA377D995B1E0E56E31B42752D6D47
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A3A3068481785BBCE3BA40BF0EEC122B
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E769600098EA212BD3452471D0BDE784
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Frame ID: 934361A7E9EF5169E06263F885DF3670
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Frame ID: 06EF9E0CAD04BFD1A435E32A6C65E58D
Requests: 14 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: 08F03BB642451F5ADB6B32459925F47A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4DFF62F020D990E04E7E0235DA25502D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A57B32EFEC2B1C36C7253F34063C0003
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5782922661
Frame ID: FACA79CBC935B34B3319AD02DE4EC164
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: 4D769D0DC045A9A1922DBDE5DD591646
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Frame ID: FB37F866AB40E6C8884D3150AF0AC757
Requests: 17 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 625995FE050CEFE27F5ABEB2B19EFE38
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/betweenx/9db56c19-4744-4b76-a4d4-21e5bdcd926d?uid=23203a1f-f110-5243-aa60-5782c918bd18
Frame ID: A10BF4F63279852E8BA705169F0068A3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B54A7F8C4799DB49686676EF5DC97495
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 782F06B0EFD95626A77E7BFA88928DF0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Frame ID: 6AA5BBBC27AF82D5C88BCA8CA7115822
Requests: 10 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.29.0
Frame ID: 4C04AAEA93D42DBD02EC5CA8441C1925
Requests: 1 HTTP requests in this frame

Frame: https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DUCFUID
Frame ID: A30FDB4288D84DBD1546CC2F4B6D9540
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7AC8CFF73446E4D263FD4945F77BF48E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D0AB16715039D79EB657DF35AD329709
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Frame ID: 8BE462FCB8D36C2D64F3379BA8D98709
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
Frame ID: 893BF5574FA281BEA2B34B9B16DD6662
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1271606574105065392
Frame ID: 807A707AAE7E4DB97ED5BF5203C3D21B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76556378-ea9b-4200-a08d-76085ccc2d72&gdpr=0&gdpr_consent=
Frame ID: B5623093D1B924FDBE3FA081EECCBAFE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 9F04EFBCA9EEA035FAC356DFBF7E527A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 6F5CBB8E8A17E49DA6D69C1B4EBE7841
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1052156515884976696&gdpr=0&gdpr_consent=
Frame ID: A11E9820E110F1AD7CF60CE62AC3B94F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD
Frame ID: 8234A795408E5837F617452AD7F12B05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167736754130253974&gdpr=0&gdpr_consent=
Frame ID: 55AFCECAFD523DDE4CDAE3DE3AAB2E15
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: E98094ACEF90E9C70C98548D0EC7243A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8FN6kpJPR7FLbGHFL4tMdVFfBSY
Frame ID: FE8F2B55474A62D3B79487FD664F68C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3jqmgAJTN8wLgAO&gdpr=0&gdpr_consent=&_test=Y3jqmgAJTN8wLgAO
Frame ID: 8E7C49B3F0567DCF7F099A8D2CB6C86B
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 5A71680C750B59A4A5C6D3EFE90D19E7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 33FF8CE9254562630587A5FAF7CC1176
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: F89A52B681E13BC5F5F7BB7EC5EDBC19
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B640C72AC76474527E3500E32734B8B2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2168101935
Frame ID: FA844A2B37107C59E1E5D15098B63DBE
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRVgnXVhVahbjjYUa
Frame ID: F3B5AF6EBE52E310F26FF55D12EF6966
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: EC4657ADF19B551FC7F957D8FB5A61EE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0A85CDA985370AA3A45D9CDCD728E0A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QjnGoXSM1OWp045&gdpr=0&gdpr_consent=
Frame ID: A476DF87EF6A6596531519632FD91BB8
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/pubmatic/9db56c19-4744-4b76-a4d4-21e5bdcd926d?uid=A546330C-3216-4850-BC79-A83D4A431B66
Frame ID: 35F871B81FB984E0D13DC85984B5832A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 876E3800DC12EC3B2A64EA7FD0E9150D
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 697E62FE63CA91D823ABD1406F9D7FE5
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13395636
Frame ID: 6F5963491D45225AD4810E61C57B73B2
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a5AaH8kr4r64m5aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 70645F8CFC8EBF9638A91D5DF0ACBFAC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EEE366889FFC0354F3B601D2A5E3CD59
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CB79B133038E2BD557AD6A2A00B4F6B4
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: 406A2432AA3CF906ECD97A8A7A16398E
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668868760130
Frame ID: 3C746575835B046409773EC7CEA5D0F8
Requests: 1 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/f9d09da6-64e2-45fc-863c-d98297c31dd8.js
Frame ID: DE549529DDECAE6579830C747089C0ED
Requests: 7 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:33C3A85ED9DD44C0ADCBF5960E8FE321&gdpr=0&gdpr_consent=
Frame ID: D68C42AE7BA962C115929103EBA7F478
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Forum list | KillerFrogs.com - Lowering Office Productivity since 1997

Page URL History Show full URLs

  1. https://forum.killerfrogs.com/ HTTP 301
    https://forum.killerfrogs.com/index.php?forums/-/list Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

500
Requests

86 %
HTTPS

29 %
IPv6

115
Domains

193
Subdomains

141
IPs

14
Countries

5396 kB
Transfer

13784 kB
Size

156
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forum.killerfrogs.com/ HTTP 301
    https://forum.killerfrogs.com/index.php?forums/-/list Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&rid=esp&cc=1
Request Chain 153
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=killerfrogs.com&sn=ChromeSyncframe&so=0&topUrl=forum.killerfrogs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=uDP_YXx1R1Bvb0R4emVpQVFmWWFlUnFBTjQ2QlVlRENLQlVqN2pWbjQ3MGJ5VW1UaExrNzlpMVRWbGQ2NEU1MWI2Vmwrazhtd1lVUWhaUTJRYStvOVBjQWVXdGdJMUp3S3dkbjJJd1pEWGRwMXRJelBKU1k4V3ExZWdLcCs1eTJ2M2VkendyZUVTN0tyc3F2a0dvVW5XL1h2RmxSaEFIbmlLNFdNa1BJcWNkelhHclFBYzhSN2dUbXdPQjV6OWZ0RDVocDkrbzdKbGVPbldJUXZDd0RPZHh1elQ3cHZCZzFjQ0FPTVFzRnBCdkN1OWxGOGpQY04wcndSWDZDTTVOeXp4enVCSjltSGxnei9GZ204RGlENnlvVWFRUT09fA&cppv=2
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDgl5tj5c4csp64TuuC757s&google_cver=1
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMmR24MSTyhK64kjPB5c7OU&google_cver=1&adform_v=1
Request Chain 198
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/sportspublishinggroup/killerfrogs-13437-728x90-ads-desktop-pixel&sz=1x1&t=&c=5497310047 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/sportspublishinggroup/killerfrogs-13437-728x90-ads-desktop-pixel&sz=1x1&t=&c=5497310047&pre=1
Request Chain 199
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 212
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 282
  • https://um.simpli.fi/gp_match?google_gid=CAESEKRjpUtHeLESnw5xwWkg0Xw&google_cver=1&google_push=ASkJ3FYtZFX0FkcKcXGSr4TQF9W5wxAUInsXViS5-PS6lBRqKd8_-Eo3BwUx0VejKzC-UWQOeyo9Fi7t34JWNcrld_iJFGU7bg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=33C3A85ED9DD44C0ADCBF5960E8FE321&google_push=ASkJ3FYtZFX0FkcKcXGSr4TQF9W5wxAUInsXViS5-PS6lBRqKd8_-Eo3BwUx0VejKzC-UWQOeyo9Fi7t34JWNcrld_iJFGU7bg
Request Chain 283
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKuLWE0IozQXIsCyH1_PkfI&google_cver=1&google_push=ASkJ3FZ9K7gLNRrM8jv2P_wnDmN8lvfSur7nX3uDMZ5iVEwEVnXoe5iA8xtucvtZlCFZCTEF_l4ijCkGCOHLLcOviCUHzd_a7g HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKuLWE0IozQXIsCyH1_PkfI&google_cver=1&google_push=ASkJ3FZ9K7gLNRrM8jv2P_wnDmN8lvfSur7nX3uDMZ5iVEwEVnXoe5iA8xtucvtZlCFZCTEF_l4ijCkGCOHLLcOviCUHzd_a7g&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ9K7gLNRrM8jv2P_wnDmN8lvfSur7nX3uDMZ5iVEwEVnXoe5iA8xtucvtZlCFZCTEF_l4ijCkGCOHLLcOviCUHzd_a7g
Request Chain 284
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED-v5xpyPAFgBVM78-U-ODA&google_cver=1&google_push=ASkJ3FbaKTpgb1O0se6tfY44P7tJpADKVPOPAQFU78SzHDgeS2gAl8a0GE_pWKOtYclOkL0InP7ja0kPJs31PiN-TREGHi0gXw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED-v5xpyPAFgBVM78-U-ODA&google_cver=1&google_push=ASkJ3FbaKTpgb1O0se6tfY44P7tJpADKVPOPAQFU78SzHDgeS2gAl8a0GE_pWKOtYclOkL0InP7ja0kPJs31PiN-TREGHi0gXw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbaKTpgb1O0se6tfY44P7tJpADKVPOPAQFU78SzHDgeS2gAl8a0GE_pWKOtYclOkL0InP7ja0kPJs31PiN-TREGHi0gXw&google_hm=FrYPvGZH-ym0YxxUROWJeC84
Request Chain 285
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPetBZmoo7J1ybL7AVlaiHo&google_cver=1&google_push=ASkJ3FbsVTnIYCco1pxc4nxSnXSwDPzcvunUyC_uv0Jip_E9uWPVTP9WFSlP-G22xnC_t6eg2TTZSgubKJ5-QhFq3hCj94ixAVE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbsVTnIYCco1pxc4nxSnXSwDPzcvunUyC_uv0Jip_E9uWPVTP9WFSlP-G22xnC_t6eg2TTZSgubKJ5-QhFq3hCj94ixAVE
Request Chain 286
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEACa5HykG_4Wzhxfn1HbcUQ&google_cver=1&google_push=ASkJ3Fbo0a3ZdjKokwQ2jAl2CQg8pJAXv4ELDTkTbWqWLJn6_mEGMs5GwnxLw0qYyy8y3lljBfPglmP5ydhSqSrHF7O1UqnDDfc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fbo0a3ZdjKokwQ2jAl2CQg8pJAXv4ELDTkTbWqWLJn6_mEGMs5GwnxLw0qYyy8y3lljBfPglmP5ydhSqSrHF7O1UqnDDfc
Request Chain 287
  • https://match.360yield.com/match/ebda?google_gid=CAESEJYqOTO_Jq21AAv9XIYL-GE&google_cver=1&google_push=ASkJ3FbACtk-pWpmjs8Hc3t3PiqY0G7y5DNDouz3pU2rr8VG-mhoaubevEnY3YG8oWBIKT4S31PvW-gSbWJ99L38EhCuhJLHlDc HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJYqOTO_Jq21AAv9XIYL-GE&google_cver=1&google_push=ASkJ3FbACtk-pWpmjs8Hc3t3PiqY0G7y5DNDouz3pU2rr8VG-mhoaubevEnY3YG8oWBIKT4S31PvW-gSbWJ99L38EhCuhJLHlDc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VUKH1orFQ1uJjuLk4WOLvw&google_push=ASkJ3FbACtk-pWpmjs8Hc3t3PiqY0G7y5DNDouz3pU2rr8VG-mhoaubevEnY3YG8oWBIKT4S31PvW-gSbWJ99L38EhCuhJLHlDc
Request Chain 288
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKksF-UUhzRgQRaHjvAkOsY&google_cver=1&google_push=ASkJ3FbY3NPzG7byzApNP935ScRqgXC23pPvsyNo255tYioElBvR3laxvUL5Vw3TjY9kZylqKioyp8ozpGDDj8VrF7iylUce2iyB HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKksF-UUhzRgQRaHjvAkOsY&google_cver=1&google_push=ASkJ3FbY3NPzG7byzApNP935ScRqgXC23pPvsyNo255tYioElBvR3laxvUL5Vw3TjY9kZylqKioyp8ozpGDDj8VrF7iylUce2iyB&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yZ2FIc19ORTJ1SGZMeWF5bHo5czcueFFydVg0eHFWeX5B&google_push=ASkJ3FbY3NPzG7byzApNP935ScRqgXC23pPvsyNo255tYioElBvR3laxvUL5Vw3TjY9kZylqKioyp8ozpGDDj8VrF7iylUce2iyB
Request Chain 311
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPibVybOohECE-LNa-7ckDk&google_cver=1&google_push=ASkJ3FZ7eU6_oyg1nLLQ2s6Yh55xsMcFetGcPEF4Hnin-_ulQZd7nbXDFo1NxnjwwtzwF0GRDWkwf9J-ETrR8vV0IH51BJ200Q HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPibVybOohECE-LNa-7ckDk&google_cver=1&google_push=ASkJ3FZ7eU6_oyg1nLLQ2s6Yh55xsMcFetGcPEF4Hnin-_ulQZd7nbXDFo1NxnjwwtzwF0GRDWkwf9J-ETrR8vV0IH51BJ200Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWpuR29YU00xT1dwMDQ1&google_gid=CAESEPibVybOohECE-LNa-7ckDk&google_cver=1&google_push=ASkJ3FZ7eU6_oyg1nLLQ2s6Yh55xsMcFetGcPEF4Hnin-_ulQZd7nbXDFo1NxnjwwtzwF0GRDWkwf9J-ETrR8vV0IH51BJ200Q
Request Chain 312
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED75gNtO_ID1-_dMYeOiRjQ&google_cver=1&google_push=ASkJ3FadeRjh84qEqLY0nWpUkXGrgAE2gOydJUPdFPzYrwkcgCSH-xA_FjunDnlsVUO83wZNjkYtOTf8a9MoLwwEhTnQkmKWiE0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FadeRjh84qEqLY0nWpUkXGrgAE2gOydJUPdFPzYrwkcgCSH-xA_FjunDnlsVUO83wZNjkYtOTf8a9MoLwwEhTnQkmKWiE0&google_hm=mD6JLN0DS9GOHuJpWZvsYyY
Request Chain 314
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFOR1RJho6AbpcvQ_DZge_A&google_cver=1&google_push=ASkJ3FaVQKYCD5sjU3ZWP-GHMqg2BjJ5AlOmFGtqGY4ELTw5XrrZP-xled_TnuRYcxj69H_dS98o4s6Fw3cIu0dOeNQ7xANzXg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFOR1RJho6AbpcvQ_DZge_A&google_cver=1&google_push=ASkJ3FaVQKYCD5sjU3ZWP-GHMqg2BjJ5AlOmFGtqGY4ELTw5XrrZP-xled_TnuRYcxj69H_dS98o4s6Fw3cIu0dOeNQ7xANzXg HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f9f9fa38-119c-49e9-8f33-1f92795c8b6b HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f9f9fa38-119c-49e9-8f33-1f92795c8b6b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=58b97118-599e-4bea-9699-2760a6c78b2a&user_group=1&ssp=google&bsw_param=f9f9fa38-119c-49e9-8f33-1f92795c8b6b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaVQKYCD5sjU3ZWP-GHMqg2BjJ5AlOmFGtqGY4ELTw5XrrZP-xled_TnuRYcxj69H_dS98o4s6Fw3cIu0dOeNQ7xANzXg&google_hm=-fn6OBGcSemPMx-SeVyLaw==
Request Chain 315
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKuLWE0IozQXIsCyH1_PkfI&google_cver=1&google_push=ASkJ3FbnmKcBDYSp7L99n8zQGGJJUKBtGBfIcCd1Rs17NcwjHujcOhZA15m5RFOtxjJJm7iwe1ZEVslG3YLvnc6qSLGgaIIG_KY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbnmKcBDYSp7L99n8zQGGJJUKBtGBfIcCd1Rs17NcwjHujcOhZA15m5RFOtxjJJm7iwe1ZEVslG3YLvnc6qSLGgaIIG_KY
Request Chain 316
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKksF-UUhzRgQRaHjvAkOsY&google_cver=1&google_push=ASkJ3FbkGrrPFvX5RhuFearxBvLW1VvMaeeM_icsb6G2O1Nt-yv8ukIONbmeACsFnY9RWiIw-zPvdJVllawvnxOHEDknQyymDg2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yZ2FIc19ORTJ1SGZMeWF5bHo5czcueFFydVg0eHFWeX5B&google_push=ASkJ3FbkGrrPFvX5RhuFearxBvLW1VvMaeeM_icsb6G2O1Nt-yv8ukIONbmeACsFnY9RWiIw-zPvdJVllawvnxOHEDknQyymDg2A
Request Chain 317
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDYIyw-AWesZsLUPa81TA_U&google_cver=1&google_push=ASkJ3FbfcN9pUuMS-Ok2Er--5KwSaDuwun_th0AqjskeZXpft2t7tZVNub0zKnVr1PgC7fvgqlpUkDMvAk7vuBRZQ8VoPOtEwW4x HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDYIyw-AWesZsLUPa81TA_U&google_cver=1&google_push=ASkJ3FbfcN9pUuMS-Ok2Er--5KwSaDuwun_th0AqjskeZXpft2t7tZVNub0zKnVr1PgC7fvgqlpUkDMvAk7vuBRZQ8VoPOtEwW4x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f9f9fa38-119c-49e9-8f33-1f92795c8b6b&%%GOOGLE_PUSH_PAIR%%
Request Chain 329
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJv1ss28uvsCFbDmuwgdDtIOEQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022111915392178690878077X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022111915392178690878077X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Request Chain 332
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLL3ss28uvsCFabEuwgd7hkLkw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022111915392178690878075X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 335
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=f44a25f0-6817-11ed-9792-223985e9a9b7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1668868761_f44a25f0-6817-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 344
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMvQt828uvsCFeiD_Qcd368PNQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668868761_f4596833-6817-11ed-9f2f-2266c0ccb091
Request Chain 358
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=3c3bf43e-8b06-4863-b480-ae03b21d0779=&partner_id=3337 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=3c3bf43e-8b06-4863-b480-ae03b21d0779=&partner_id=3337
Request Chain 365
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=360095&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=360095&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8e91b1c7-9317-180b-82bb3403
Request Chain 366
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTU0NjMzMEMtMzIxNi00ODUwLUJDNzktQTgzRDRBNDMxQjY2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECqpIReggPgQlL2pVMb9eiY&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 367
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668868761772 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8155244655
Request Chain 368
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D10141%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&cbimg=10141&uid=1052156515884976696
Request Chain 370
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1052156515884976696
Request Chain 373
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforum.killerfrogs.com%2F&domain=forum.killerfrogs.com&bundle=3N9mcV94UmpSMVFBbE5Gd21PaG1KM080JTJGM2I2JTJGWXBpdDd3Qk5XcGpCcmxkMSUyQnEwMGRiOSUyQm8lMkZKTnhmMVFQajh6TjVhZ2NBclZUMVlSWU04SEtMV3QzVFBrc2hQUUlxbm1kTmZVaWh3QXJEemFMMGFNVm5nRk5LdVh6dmVtbVlURnlWdDFNUWdlRmglMkJIekl5ekUlMkJ6ZUl5JTJCUjRBJTNEJTNE&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=0ZYlgHx4bHdOS1JSVnhsWVluMGp0SDEyREEvOTlUQStJTFlpa3RZZTFXZlIwdEkzN01INlM0ell6MC9SdHNNWDVWdnRjOTFObUcyeHRyeGxNQ00vSjlPaFNpdkF5MHc1c0ZNdy9BY2NsL2xwYkJxTVRXNHFDbUN5cUNBQ3pBTTZWOUR3K2FCMWpUTFFkM0g2NThmRGpnM2IxMXl3alN5Qk5tMm80UHNlZlU0bytaeEhwTUREMkpTYnQ3azVKTEJZaEE3WnFwSWc4aG12UU5CaUV1YkpSeVRnL25CU0xMZ0lSSFRtSEhQWFNCT1BQZXBYdGRVS3Z0ekZJYW9MSmxkMzd2ZE4yemdOUE1kaEtjWXFUS2w2UXJHNmxTZTJnQUlpLzdFS1ZPTk0rYll6ampsVT18&cppv=2
Request Chain 384
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=9db56c19-4744-4b76-a4d4-21e5bdcd926d&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5782922661
Request Chain 388
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://ex.ingage.tech/v1/sync/betweenx/9db56c19-4744-4b76-a4d4-21e5bdcd926d?uid=23203a1f-f110-5243-aa60-5782c918bd18
Request Chain 399
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
Request Chain 400
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1271606574105065392
Request Chain 401
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76556378-ea9b-4200-a08d-76085ccc2d72&gdpr=0&gdpr_consent=
Request Chain 402
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 403
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 404
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1052156515884976696&gdpr=0&gdpr_consent=
Request Chain 405
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD
Request Chain 406
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167736754130253974&gdpr=0&gdpr_consent=
Request Chain 407
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFVjAwN0c4ZFVBQUNDdGVxTFZEZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 408
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8FN6kpJPR7FLbGHFL4tMdVFfBSY
Request Chain 409
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3jqmgAJTN8wLgAO HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3jqmgAJTN8wLgAO&gdpr=0&gdpr_consent=&_test=Y3jqmgAJTN8wLgAO
Request Chain 411
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 414
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2168101935
Request Chain 415
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRVgnXVhVahbjjYUa
Request Chain 418
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QjnGoXSM1OWp045&gdpr=0&gdpr_consent=
Request Chain 420
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 421
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c1ee6378-ea9b-4700-813f-2c86c87637e3
Request Chain 422
  • https://pixel.onaudience.com/?partner=214&mapped=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9444b6c175d68b73d2f124129ec9d0c9&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 424
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3973753479677356042
Request Chain 426
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=35d28012-38f3-4aa7-a9f0-037c929d7131&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f9f9fa38-119c-49e9-8f33-1f92795c8b6b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 428
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CC0VhJVE2uXzEY2P8oipGvC_2.IbPGU-~A&gdpr=0&gdpr_consent=
Request Chain 431
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3701077014634676759&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 432
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1ebdc6e8-b3e5-4608-8c90-56d06b958a56&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 433
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1052156515884976696
Request Chain 438
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3jqmgAJOiEFcQA7 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3jqmgAJOiEFcQA7&_test=Y3jqmgAJOiEFcQA7
Request Chain 439
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3773134608672604695
Request Chain 440
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=068b6378-ea9b-4300-89c0-73b499017194
Request Chain 441
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=33C3A85ED9DD44C0ADCBF5960E8FE321
Request Chain 443
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1052156515884976696
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB0PzPo2zod_UrAMtgcTznM&google_cver=1
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB0PzPo2zod_UrAMtgcTznM&google_cver=1
Request Chain 448
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB&dcc=t
Request Chain 449
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3jqmXWi6NIqbBBRN6Ty8gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJRagkgsRsev8T1ighdqhfg&google_cver=1
Request Chain 450
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1052156515884976696
Request Chain 455
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 456
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAO1DB6O-1L-EF9Z
Request Chain 457
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LZ6GYuYARsSiaciTf80nCA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LZ6GYuYARsSiaciTf80nCA
Request Chain 460
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPMURCNk8tMUwtRUY5Wg==
Request Chain 461
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI1MDU0NTZlNjYxNDRlOGUyNmJjMDBjM2ZhNTEyZWYwZTE0ZWFmNw
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH6FnsxJ4qCDM48aiUrLwmU&google_cver=1
Request Chain 463
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-fzRQlk1L9pyYLUP9wRc1sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5803750675947982385
Request Chain 494
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:33C3A85ED9DD44C0ADCBF5960E8FE321&gdpr=0&gdpr_consent=
Request Chain 495
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A546330C-3216-4850-BC79-A83D4A431B66&addseg=19,36,42
Request Chain 496
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A546330C-3216-4850-BC79-A83D4A431B66&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A546330C-3216-4850-BC79-A83D4A431B66&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 498
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A546330C-3216-4850-BC79-A83D4A431B66 HTTP 302
  • https://a.audrte.com/p
Request Chain 499
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0ac84c21-639b-4b10-8325-b0d1c708660d&gdpr=0&gdpr_consent=
Request Chain 501
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3803717078 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A546330C-3216-4850-BC79-A83D4A431B66

500 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
forum.killerfrogs.com/
Redirect Chain
  • https://forum.killerfrogs.com/
  • https://forum.killerfrogs.com/index.php?forums/-/list
77 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
b3e88dc0e7ff1d23f69c42e066a93173c8f3516697b83bbb0d5250556a9114a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, max-age=0
content-encoding
gzip
content-length
19168
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Sat, 19 Nov 2022 14:39:16 GMT
server
LiteSpeed
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
private, no-cache, max-age=0
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Sat, 19 Nov 2022 14:39:16 GMT
location
https://forum.killerfrogs.com/index.php?forums/-/list
server
LiteSpeed
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
fa-regular-400.woff2
forum.killerfrogs.com/styles/fonts/fa/ 		165 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer
https://forum.killerfrogs.com/index.php?forums/-/list
Origin
https://forum.killerfrogs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:16 GMT
last-modified
Fri, 24 Sep 2021 05:34:20 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
168768
expires
Sat, 26 Nov 2022 14:39:16 GMT
fa-solid-900.woff2
forum.killerfrogs.com/styles/fonts/fa/ 		134 KB
134 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer
https://forum.killerfrogs.com/index.php?forums/-/list
Origin
https://forum.killerfrogs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
last-modified
Fri, 24 Sep 2021 05:34:20 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
136824
expires
Sat, 26 Nov 2022 14:39:17 GMT
fa-brands-400.woff2
forum.killerfrogs.com/styles/fonts/fa/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer
https://forum.killerfrogs.com/index.php?forums/-/list
Origin
https://forum.killerfrogs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
last-modified
Fri, 24 Sep 2021 05:34:20 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
76740
expires
Sat, 26 Nov 2022 14:39:17 GMT
css.php
forum.killerfrogs.com/ 		396 KB
83 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=3&l=1&d=1668435605&k=62fd257aa908f55682701a9dc9c4398366774006
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
4e2980274725fbb36ec10223bbfc385ba73a99534e52578c158c99d45c9168bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 14:20:05 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-length
84929
expires
Sun, 19 Nov 2023 14:39:17 GMT
css.php
forum.killerfrogs.com/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/css.php?css=public%3Alightbox.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Aextra.less&s=3&l=1&d=1668435605&k=a75b4603dc53bcdbe74e41414fceea7ea49294ca
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
512273ac7c62f63808631d34472c5a7fc4a46a8abc3c379893df549fb2f71915
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 14:20:05 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-length
8666
expires
Sun, 19 Nov 2023 14:39:17 GMT
preamble.min.js
forum.killerfrogs.com/js/xf/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/js/xf/preamble.min.js?_v=20ca7279
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
dad600c56c76b4004428693b384340558c37efe7ebdbf9d4889b1f69be14071d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 05:30:22 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1417
expires
Sat, 26 Nov 2022 14:39:17 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11178537-1
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d718456f3de840af4136560c004b1aae0e6bca818ba1e8c0fa3bc39e971abae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43720
x-xss-protection
0
last-modified
Sat, 19 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Nov 2022 14:39:17 GMT
logo-500.png
forum.killerfrogs.com/styles/xenith/xenith/logo/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/styles/xenith/xenith/logo/logo-500.png
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
60c3b1bfc4f1d426e82117dfc692f4614a983e5e972a06cd1f88e4c881d690cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
last-modified
Mon, 20 Mar 2017 23:17:36 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4582
expires
Sat, 26 Nov 2022 14:39:17 GMT
countdown-text.php
forum.killerfrogs.com/js/countdown/ 		3 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/js/countdown/countdown-text.php?timezone=US/Central&text=BEAT%20BAYLOR&countto=2022-11-19%2011:00:01&do=t&data=GO%20FROGS%21&tv=FOX&time=11AM&spread=%2D3&ranking=4
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
e3ee656557857ba544b334f741cd1cb7daa4eebd0669f8ae1260333a57db8f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
br
server
LiteSpeed
content-length
908
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
killer.gif
forum.killerfrogs.com/img/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/img/killer.gif
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
ca0d81bbd9e01fdf0d7138622f7135a11e6b13026fa40ddb9a5e77ec985625cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
last-modified
Tue, 05 Jun 2018 23:49:10 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
72071
expires
Sat, 26 Nov 2022 14:39:17 GMT
infolinks_main.js
resources.infolinks.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf2a73823b8dd96a39d1b2926e816d5ec549de425bd4bed227e599f78e8e0e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 20:02:45 GMT
server
cloudflare
age
9360
etag
W/"e0f-5edb0129af3ee"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
76c9b1c7de39907c-FRA
expires
Sat, 19 Nov 2022 13:03:17 GMT
jquery-3.5.1.min.js
forum.killerfrogs.com/js/vendor/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=20ca7279
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 05:30:05 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30280
expires
Sat, 26 Nov 2022 14:39:17 GMT
vendor-compiled.js
forum.killerfrogs.com/js/vendor/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/js/vendor/vendor-compiled.js?_v=20ca7279
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 05:30:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12298
expires
Sat, 26 Nov 2022 14:39:17 GMT
core-compiled.js
forum.killerfrogs.com/js/xf/ 		207 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/js/xf/core-compiled.js?_v=20ca7279
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
8e3b7ea2ceacf1ff82916d2b3ef7c13cee44eb06d26d37f82fea5cb5d525172e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 05:30:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
58455
expires
Sat, 26 Nov 2022 14:39:17 GMT
lightbox-compiled.js
forum.killerfrogs.com/js/xf/ 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/js/xf/lightbox-compiled.js?_v=20ca7279
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
832fe93dde194769de496738142175731f04bc66c4f34ac70da8a3816cd49da9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 05:30:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
24931
expires
Sat, 26 Nov 2022 14:39:17 GMT
notice.min.js
forum.killerfrogs.com/js/xf/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.killerfrogs.com/js/xf/notice.min.js?_v=20ca7279
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
bfe3ecad86362036bfbf2e0d2bc27a6a593cb0fff32a97a5b1b5f81b409a3bb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 05:30:22 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1240
expires
Sat, 26 Nov 2022 14:39:17 GMT
didna_config.js
storage.googleapis.com/didna_hb/husker/killerfrogs/ 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/husker/killerfrogs/didna_config.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
014b0fae1e562640128e80bd57234b73982dbc0a1b0ddb93af3c159b242a1162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
x-guploader-uploadid
ADPycdu8Ae33xase62TJ5Cgd7kWJNBFrqWQhyUCmF317VO8szTnj6D3sNrzUBByy0RY4mO4_hMlOntRLbPeYXt5RBqVv3g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15685
last-modified
Tue, 15 Nov 2022 20:46:58 GMT
server
UploadServer
etag
"824053df8fd0a8def6e628c39a0ceb7d"
x-goog-generation
1668545218495662
content-type
text/javascript
x-goog-hash
crc32c=GsyN1Q==, md5=gkBT34/QqN725ijDmgzrfQ==
cache-control
no-store
x-goog-stored-content-length
15685
accept-ranges
bytes
expires
Sun, 19 Nov 2023 14:39:17 GMT
77e4a266-5c73-4bbf-a4bc-eb987e1853a4.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		183 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/77e4a266-5c73-4bbf-a4bc-eb987e1853a4.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0b233549d2cccccb9b5609db2bdffaeb77491ed21b955781fe3e516676e2567

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
YnYXUa7x0vXGn2n7HmlN13XLcpHgcOFy
content-encoding
br
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 14:39:19 GMT
last-modified
Tue, 01 Nov 2022 15:45:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"30ff57ad09b10ef17d310e5aafc65563"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
YbF-JDbYFTX9WLnqHXwCZscdmftBjKlsHyR6jx1b5ovx30SSSxyUNQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11178537-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 13:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4468
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 19 Nov 2022 15:24:49 GMT
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1758097621&t=pageview&_s=1&dl=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&ul=en-us&de=UTF-8&dt=Forum%20list%20%7C%20KillerFrogs.com%20-%20Lowering%20Office%20Productivity%20since%201997&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1236095468&gjid=1712900494&cid=1373169964.1668868758&tid=UA-11178537-1&_gid=1408374931.1668868758&_r=1&gtm=2oub90&z=46399663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ice.js
resources.infolinks.com/js/1835.006-3.025/ 		183 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1835.006-3.025/ice.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7184ab41cf778b1cf21506d80700c19163c1515a4a909e269695bf42d61da3db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:17 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:13:47 GMT
server
cloudflare
age
7951
etag
W/"2dace-5ed73e0824f04"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
76c9b1c8982c907c-FRA
expires
Mon, 19 Dec 2022 12:26:46 GMT
2933.jpg
forum.killerfrogs.com/data/avatars/s/2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/2/2933.jpg?1490117852
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
c403d10a62ce99293b3bccf1dcfa57019b6a43ee6d2bb68e4ee2cef077b14dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Tue, 21 Mar 2017 17:37:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1742
expires
Sat, 26 Nov 2022 14:39:18 GMT
126.jpg
forum.killerfrogs.com/data/avatars/s/0/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/0/126.jpg?1490064168
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
4268acf7e9a9fc9bea7bc60fabaa54938b321a75b1a3c3f2bb547bd7bf02a48b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Tue, 21 Mar 2017 02:43:05 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1465
expires
Sat, 26 Nov 2022 14:39:18 GMT
89.jpg
forum.killerfrogs.com/data/avatars/s/0/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/0/89.jpg?1490064168
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
3812dd6deca67a129dafa4e92d5bf69c25098e312afddad2b98c07659dba01f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Tue, 21 Mar 2017 02:43:02 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1446
expires
Sat, 26 Nov 2022 14:39:18 GMT
2891.jpg
forum.killerfrogs.com/data/avatars/s/2/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/2/2891.jpg?1490064211
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
7c91a67b48e76a833624d635b558f1fdc64b7dbc45344eb74b604da9fea2c297

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Tue, 21 Mar 2017 02:43:33 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1519
expires
Sat, 26 Nov 2022 14:39:18 GMT
322.jpg
forum.killerfrogs.com/data/avatars/s/0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/0/322.jpg?1490064188
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
a0f87c0fd26535bebb5c7f9da625c6007b3ddb3ff0fccbaca1c4aa9abcb98f25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Wed, 25 Oct 2017 01:38:17 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1849
expires
Sat, 26 Nov 2022 14:39:18 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11178537-1&cid=1373169964.1668868758&jid=1236095468&gjid=1712900494&_gid=1408374931.1668868758&_u=YEBAAUAAAAAAACAAI~&z=2102260389
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 19 Nov 2022 14:39:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
71142.jpg
forum.killerfrogs.com/data/avatars/s/71/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/71/71142.jpg?1509806736
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
901fd337d561b57b2cdeeacc5a9746195e340472f79092b768ac03fe57a0dc10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Sat, 04 Nov 2017 14:45:36 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
expires
Sat, 26 Nov 2022 14:39:18 GMT
8693.jpg
forum.killerfrogs.com/data/avatars/s/8/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/8/8693.jpg?1666818660
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
e2b479f8a717ca160c505310fdc2478fe278a2dbf612d094c8c1460f9dcad79c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Wed, 26 Oct 2022 21:11:00 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2811
expires
Sat, 26 Nov 2022 14:39:18 GMT
74664.jpg
forum.killerfrogs.com/data/avatars/s/74/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/74/74664.jpg?1667787242
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
8bf78100c295e6105e17629d8aab4b8e3d6efb5cb4bf8ff1901de76daefc7c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Mon, 07 Nov 2022 02:14:03 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1667
expires
Sat, 26 Nov 2022 14:39:18 GMT
6172.jpg
forum.killerfrogs.com/data/avatars/s/6/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/6/6172.jpg?1604686058
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
5decba30e3e3b7a130b501ad76c1a59e534fc17c1e630ff6435f3dbf52a0a83c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Fri, 06 Nov 2020 18:07:39 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1795
expires
Sat, 26 Nov 2022 14:39:18 GMT
72264.jpg
forum.killerfrogs.com/data/avatars/s/72/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.killerfrogs.com/data/avatars/s/72/72264.jpg?1648055647
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.254.117.67 San Diego, United States, ASN54555 (HOSTDUPLEX, US),
Reverse DNS
ip67.162-254-117.static.hostduplexdns.net
Software
LiteSpeed /
Resource Hash
ab1027b6eef20273649d03b0a84855acbce9900ed24d904ccc0fdfc210c2d414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/index.php?forums/-/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
last-modified
Wed, 23 Mar 2022 17:14:07 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1630
expires
Sat, 26 Nov 2022 14:39:18 GMT
ygn0V03QKo_OY-ubBU2bUeXhrxwtE-OxM0hA1i0ORNabPNgTABn7FgDlNJ9KPjBif12
readymoon.com/v2/0/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://readymoon.com/v2/0/ygn0V03QKo_OY-ubBU2bUeXhrxwtE-OxM0hA1i0ORNabPNgTABn7FgDlNJ9KPjBif12
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
25bb81662ff4ff6098a4f65bf176da326622545cefa4357556a4ee4f7a2adbdf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 19 Nov 2022 14:39:17 GMT
x-datacenter
gce-europe-west1
etag
"b0e419db732066c34648ff872a628cd0992ce9af4da094ede2f2df25441e43ed"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-c63t
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
694373797
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11178537-1&cid=1373169964.1668868758&jid=1236095468&_u=YEBAAUAAAAAAACAAI~&z=802114153
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11178537-1&cid=1373169964.1668868758&jid=1236095468&_u=YEBAAUAAAAAAACAAI~&z=802114153
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
manage
router.infolinks.com/usync/ Frame 2BC8 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3260010&wsid=7&pdom=forum.killerfrogs.com&purl=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
76c9b1c98b41907c-FRA
content-length
0
date
Sat, 19 Nov 2022 14:39:18 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		0
33 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3260010&wsid=7&pdom=forum.killerfrogs.com&purl=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76c9b1c98b42907c-FRA
content-length
0
gsd
router.infolinks.com/ 		317 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3260010&wsid=7&pdom=forum.killerfrogs.com&purl=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&jsv=1835.006-3.025&_cb=16688687579850
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03e82ecf3ce3e6fc338787bad303de972c6fdf9816274e02fb4a3e5074103a34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
76c9b1c98b45907c-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/killerfrogs/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27247
x-xss-protection
0
server
sffe
etag
"1396 / 478 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Nov 2022 14:39:18 GMT
hindsightipads.min.js
static.solutionshindsight.net/hindsightipads/ 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/hindsightipads/hindsightipads.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/killerfrogs/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-72.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a319459f4c298b45dedf0952323a5b0cbe58949ebc244d70e7016a120a697e78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified
Fri, 18 Nov 2022 12:08:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"1b1cff7e578f4647f7e41cc41ce5ee71"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
29969
x-amz-cf-id
OvVY9t7SS67uYoWpwZ-8W3mo_qffkr7unb8fDevRG-6b7cFBIRAYsQ==
186905-129106728116453.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/killerfrogs/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 19 Nov 2022 14:20:32 GMT
server
cloudflare
age
1015
etag
W/"903b22-930b-5edd3866767e4"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
76c9b1c9a8569954-FRA
expires
Sat, 19 Nov 2022 18:39:18 GMT
c398cb5b-4d2c-425a-8052-e037c17b318f
https://forum.killerfrogs.com/ 		594 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://forum.killerfrogs.com/c398cb5b-4d2c-425a-8052-e037c17b318f
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: readymoon.com
URL: https://readymoon.com/v2/0/ygn0V03QKo_OY-ubBU2bUeXhrxwtE-OxM0hA1i0ORNabPNgTABn7FgDlNJ9KPjBif12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
23935275
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
u6Qcyv7j0WYuzGWbjffcboIOggb_lFzowMDDCXzqUTtVGfcuVx66-Q==
9024f532-4bf4-4443-ba83-36e5d9a6b79c
https://forum.killerfrogs.com/ 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://forum.killerfrogs.com/9024f532-4bf4-4443-ba83-36e5d9a6b79c
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/killerfrogs/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a50fd2c2415334c1be42218fccd59b837de10ed8ba364199d2c0b0d4a4c65299

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
200828
Content-Type
text/javascript
grumi-ip.js
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/9024f532-4bf4-4443-ba83-36e5d9a6b79c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:05:19 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-version-id
w3KJZkVAfqnORqOaqFfF6RO.15AU_w0t
last-modified
Tue, 06 Sep 2022 10:54:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2040
etag
W/"8ad2beee52c2abad4a49b927b72d3048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id
XbJCoT1hjU9PjN0VIKeM57S7S7_CJrJBFkNVkMaIynp5dbxSSznlvw==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/9024f532-4bf4-4443-ba83-36e5d9a6b79c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
expires
Sat, 19 Nov 2022 14:39:18 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ 		215 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/9024f532-4bf4-4443-ba83-36e5d9a6b79c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d557de3f39744cf5f2dc1fd949f47e98362dfdb6bd43a8b691d5b61bfb63fd95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 16:33:39 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=75615
accept-ranges
bytes
content-length
66761
expires
Sun, 20 Nov 2022 11:39:33 GMT
663511e8-43e4-4631-8220-77fb40827f31
https://forum.killerfrogs.com/ 		481 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/husker/killerfrogs/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7900b61c654b5c5c8e2592fcc4738e256046cc53883a016fbe696c591dac5d9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
492946
Content-Type
text/javascript
adreq
ads.servenobid.com/ 		877 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6959
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30f006b8657047b3ac0f7d8a5a83bbc99b1bf30e7610ac994dd001b4aa514529

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
03bc2a25018911215c51dc3e6b65c2814ddd60f28ef18c6e394347173983ba4c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:18 GMT
AN-X-Request-Uuid
d1930669-13f3-484a-8094-33632020e182
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=360095
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3cf0d79899800f180a3de6c39e2cd010790ee75b6f5cab8b59f4d0df7087ea2

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Za5YgBZVUNgpD21gfuvDCDwT3IMoEUag%2Fhk6Hv%2BqFUWjl4Xe%2BNd6LbtHeWu6T4WPiS%2F2%2BjNXYgN8LM1r95FyKj3EL3M08MoaLqF2E6N8mRh9pz30TFU2RRDlhCaS7Id9pMLZqbU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c9b1ca8abb8fe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7077300fa&cmd=bid&secure=1
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5487b41975ef2b0e319780a153e92f1d3f40d087bcdf5696c847922ad2ee7241

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
content-length
13425
hb
ssc.33across.com/api/v1/ 		93 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bXMQWEbJir6OoRaKlId8sQ
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8996d92d2401a14479a96f65fd5cd24d63d074c31b77ab92ec111532cb2b5d01

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
btlr.sharethrough.com/universal/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.196.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-196-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		366 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=239946&zone_id=1184556&size_id=2&rf=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tg_i.page=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tg_i.domain=forum.killerfrogs.com&tg_i.pbadslot=leaderboard_1&tk_flint=pbjs_lite_v7.26.0&x_source.tid=6b37be10-3950-484d-a587-a5c78ea322dd&l_pb_bid_id=16a7402a8cb421f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.45598869864526437
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
47f1dcb2f22567d0a4fd4c76a4e3ae309494d2be497cb3e1967f57bf16e839ab

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		93 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bXMQWEbJir6OoRaKlId8sQ
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
93c08cb508aff440691928151ae62851ebca5132242207a02573f52cb1a5d92a

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
238602289aec73870e9f290a983c0bee550a06b4393743983fa55cc9eb59f542
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:18 GMT
AN-X-Request-Uuid
4a945ebb-c0a1-46a3-87cd-ffc5d3050486
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ 		877 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7405
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30f006b8657047b3ac0f7d8a5a83bbc99b1bf30e7610ac994dd001b4aa514529

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.196.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-196-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7077300fa&cmd=bid&secure=1
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
605003d671a5403d42afc8072c70d1f159f6a9d10a929fbcef742537f3a70365

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		366 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=239946&zone_id=1184556&size_id=2&rf=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tg_i.page=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tg_i.domain=forum.killerfrogs.com&tg_i.pbadslot=728x90_post12&tk_flint=pbjs_lite_v7.26.0&x_source.tid=2d7372f4-77a0-4cb1-9403-404c60583b25&l_pb_bid_id=30e1340065d231c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.8924526421073806
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6db8b9f89959acd9a74f56afa8f6163f9c17db764afec5e7a31851aee3eca61b

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=360095
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d22b0a9a170713d6a07911954ec512379461b9b8ca2ea20d7790509e6eb70d0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG%2FOUIUY%2FyF8iF6L5iEw1G8mgGnFuMMvaBWE%2B8XOeSflPa%2FXeWzajJCdrdwJHhXFyoH5ZgplOowvkvlmgj6E93BO%2FBs9YhXdfq2AKmC4CxtrO1DRNpv6f5q9iMpnfN4ZWgBfYqyN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c9b1ca9abe8fe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
rid
match.adsrvr.org/track/ 		63 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186905
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
a9ad6ca41372903b3ca0f443069701e1330437f4f0b51bf8da70e5e6f68ca63b

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 19 Dec 2022 14:39:18 GMT
identity
api.rlcdn.com/api/ 		44 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adreq
ads.servenobid.com/ 		877 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2193
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30f006b8657047b3ac0f7d8a5a83bbc99b1bf30e7610ac994dd001b4aa514529

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.196.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-196-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		365 B
928 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=239946&zone_id=1184556&size_id=15&rf=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tg_i.page=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tg_i.domain=forum.killerfrogs.com&tg_i.pbadslot=rectangle_1&tk_flint=pbjs_lite_v7.26.0&x_source.tid=7afae982-7bef-4bfb-9803-7dad42ad77f2&l_pb_bid_id=386877efe17c47e&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.4704002142488748
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ed3f73792849426ea084f7f3ce7d6e1786a83740d9f03c497b6c2fb888afb277

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		93 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bXMQWEbJir6OoRaKlId8sQ
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fb2fc89fac84d39da888e00df34a4b8fed8538970d661448d83e4233579f934c

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=360095
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b038ff02723328607a63eb6e07a0f7a9a0bd088cdfb85d111414309230ad56a6

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv6pllQgNNzL9VFNhgGp3OsSCbWk%2FcGsXGfYnN2xVqNBeZdzuhWHy7jcMjlasvpKMLAIHgTV%2FGNum%2FQ8O1EAEhJcB%2FD5oh47DyzZnGF7hhsVi5dSuf2HkBUK6nXYD3f6%2BmZWgdyz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c9b1ca9ac18fe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9859a77d93d4521ab74fceaf7647b1445ecef03dec55f1c97a6e8cf2c3788187

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
content-length
13369
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: forum.killerfrogs.com
URL: blob:https://forum.killerfrogs.com/663511e8-43e4-4631-8220-77fb40827f31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a3fc475ed17dba17fb20c1c8718969bb637efd5c048ecaf8204a58f3c99f264
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:18 GMT
AN-X-Request-Uuid
01243052-b6a3-482d-919e-c2969e6e6a0b
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Nov 2023 14:09:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		237 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forum.killerfrogs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0be42d68cd1377aba7b8f73b328c06a52c3cecdc188ad519081fbac469a17f36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119
x-xss-protection
0
expires
Sat, 19 Nov 2022 14:39:18 GMT
grumi.js
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
895d1a04067a5eccf3bbcd609f1d3f365fd42d50ef11a6af31c62ff59af072dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:05:20 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-version-id
vRMCAxS8M4rSGz5reJcrMrbnZyBVS.2w
last-modified
Sat, 19 Nov 2022 13:26:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2039
etag
W/"c505b4eeec85425e4efea9941d032e34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
G-ueQq0tdk8faeGNS6n3H0R31qaiz_CYoz2dRHp5jI6GJym9GjFBDA==
doq.htm
rt3061.infolinks.com/action/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3061.infolinks.com/action/doq.htm?pcode=utf-8&r=16688687582141
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c321f83250ab6a8b45bb8a8aa69a6b11a950231a89bf5e23ce2444cd9d4872c

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
de-DE
cf-ray
76c9b1cb2b98bb53-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2dqvrZhPxUxwDfeFDJjEfKEEAiuWxiW9ztJ-GLZxlxP9kmKeLfVZ9pahzkknZs3NaWyB-WDs
readymoon.com/ 		191 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://readymoon.com/v2dqvrZhPxUxwDfeFDJjEfKEEAiuWxiW9ztJ-GLZxlxP9kmKeLfVZ9pahzkknZs3NaWyB-WDs
Requested by
Host: readymoon.com
URL: https://readymoon.com/v2/0/ygn0V03QKo_OY-ubBU2bUeXhrxwtE-OxM0hA1i0ORNabPNgTABn7FgDlNJ9KPjBif12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
aaec07c3cbe4a6663ab8d556f29ded4110287f4c3dc1786b1da0b4daffa2f416
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 google
x-buildnumber
694373797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
x-hostname
fen-hoothoot-europe-west1-c63t
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 19 Nov 2022 14:39:17 GMT
/
geoip.insticator.com/json/ 		230 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/77e4a266-5c73-4bbf-a4bc-eb987e1853a4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.233.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-233-242.compute-1.amazonaws.com
Software
/
Resource Hash
2f942c9fa45691562cd4059c8d220e456ff103207239f804ac09834539387779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
access-control-allow-credentials
true
x-database-date
Fri, 18 Nov 2022 20:51:31 GMT
content-length
230
vary
Origin
content-type
application/json
55354bb3-7aa2-429e-86a4-fbc34c21b197.js
df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/ 		340 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/77e4a266-5c73-4bbf-a4bc-eb987e1853a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:800:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b94aacc6d5f88fdff746212268ad84ffd6b7668791df92ad3e41d5422177681f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 07:04:43 GMT
x-amz-version-id
B7hOZsLXCSjy8E63CdPjGqOQt.xg9WG0
content-encoding
br
last-modified
Tue, 01 Nov 2022 15:46:40 GMT
server
AmazonS3
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"7ecde988c972c9bd38058cd84d8a874c"
age
27275
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ngFE3rKGUgvEFh1SpZ05MoXbhKUsrOweY39H2KRCG8pFq7jAWUFvYA==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
content-encoding
gzip
via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 00:34:10 GMT
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
50709
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
Tt9YVPAB6V3-B6NOlDCw023F0KMydTMY1yde2V1avKyjsQ9RoO_fsg==
config.js
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		114 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/77e4a266-5c73-4bbf-a4bc-eb987e1853a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da4cf3ad6682c929bd1d6fb284ced78ae07df21491f03a6bef500b865ef83a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 19 Nov 2022 13:23:30 GMT
server
cloudflare
x-amz-request-id
T12AVB82VXD9EJYQ
age
774
etag
W/"931862543567438fc3e972b6a01c918a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
76c9b1ce9b7b90d6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
1eTwxFyKKPQ3+rhHkVUKIEmRkWJPrsDPWNxGWMsOEvAM3YNP0um+FmO7XDTzuh8I+1cHg/v1007n86tGI+JcJQ==
index.html
auth.instiengage.com/auth/ Frame 3DA4 		75 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
172
cache-control
max-age=300
content-length
75
content-type
text/html
date
Sat, 19 Nov 2022 14:36:27 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Wed, 19 Oct 2022 10:48:49 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-id
XHFTexTDaU7SQSzT3pJ-Y2T59tFCEH_Btm6gWxjlKaYB0WNKw7np0A==
x-amz-cf-pop
FRA2-C2
x-amz-version-id
etWPI5eonL_SxoRBatQsvoqabhU7Yn57
x-cache
Hit from cloudfront
event
event.insticator.com/v1/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/77e4a266-5c73-4bbf-a4bc-eb987e1853a4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.81.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-81-40.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.81.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-81-40.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://forum.killerfrogs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://forum.killerfrogs.com
access-control-max-age
3600
content-length
0
date
Sat, 19 Nov 2022 14:39:18 GMT
vary
Origin
headerstats
as-sec.casalemedia.com/ 		0
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=360066&u=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2F2nG9V6LAMTJYMPeaytehEOqa7nQaihDUr2Xf3TZmU1GPoGwbESAE4sAIFiuc9LLFn3MvyHMJkwMfFv3lNRvcBxcUG3eMXWK9Go3OV6eljkLJo0ZegX5YVzShNt4o%2F5OXlKfhdu28E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c9b1cb984b915e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
/
onetag-geo.s-onetag.com/ 		555 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-71.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront), 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA2-C2
x-amzn-requestid
e75298b9-bd83-45a9-9d1f-0c143e8165f7
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
b2mXiG8ciYcFqiQ=
content-length
555
x-amz-cf-id
x3fCAececbCMIT3RbL1Nv4EzTvUuNP7BAJ_75bau-jwL8vAyEd_1kg==
beacon.min.js
signal-beacon.s-onetag.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-19.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 06:55:19 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
27840
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
ZNpYH70bybnRH2cl5DsKsH512Wd9OPDCbOlWG3m9IFu4zdieN-GY7w==
%2Findex.php
signal-segments.s-onetag.com/desktop/forum.killerfrogs.com/ 		706 B
1017 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/forum.killerfrogs.com/%2Findex.php
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
/
Resource Hash
4261c8715d3ba6c0172dd85a427b2f7089c20556e6fa12d67af768d241a93aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 05:05:38 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
34420
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
706
apigw-requestid
b1SVWgjDiYcEMNg=
x-amz-cf-id
HjAy30vw0l5WJfBLp0t9isify9-rXCY2wO8C2gzYhuQHviEXnuuLVQ==
forum.killerfrogs.com
signal-segments.s-onetag.com/desktop/ 		706 B
1009 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/forum.killerfrogs.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
/
Resource Hash
c0c144df45a4e104b43309679a945d091316be0fc17f6b62aadb2f8f03cd6585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
706
apigw-requestid
b2mXiibpiYcEPPw=
x-amz-cf-id
MGHBrt6PUqY5ex3p6y17DZMGgjyFcGKIWewd43hmjfhXsRXwLmlALg==
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_6.29.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.158.42.199 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://forum.killerfrogs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
server
nginx
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://forum.killerfrogs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://forum.killerfrogs.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
76c9b1ce9c509042-FRA
content-length
0
date
Sat, 19 Nov 2022 14:39:18 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
insticator
insticator.technoratimedia.com/openrtb/bids/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_6.29.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.158.42.199 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
388516156
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
9af4667afd084858ccdeaafa0ae1a9fd23c9f24e5b05b594a2da9829eec21064

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 19 Nov 2022 14:39:18 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/ 		114 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228197e591dbe2dc%22%3A%22107e5fe5b9e5264c792e%7C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3Dkillerfrogs.com-div-insticator-ad-1%22%2C%229ade78282c2d21%22%3A%223afc6584e4382cde652e%7C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3Dkillerfrogs.com-div-insticator-ad-2%22%7D&ref=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&s=04afcad7-5371-4170-b2c5-0e656ebc7e03&pv=ab5bb3a1-01ad-4095-aa21-8dbad25061f2&vp=desktop&lib_name=prebid&lib_v=6.29.0&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%229b6bfe8d-37c7-4656-8a1b-496fe96cb5f6%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22880fb91e-21c1-4e8f-af66-8dacd6080bf0%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22880fb91e-21c1-4e8f-af66-8dacd6080bf0%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
38cc0b115fd247849629413fa7ec2aabfce5aa782a21d4a01c3f63b743fa05cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:19 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-19
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
139
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		300 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
83374d5ade2bd5e6b772642cec167db82e43a1e8c9e1bac6e128e16a7888e6b2

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:18 GMT
AN-X-Request-Uuid
1946b68d-ab92-487c-8210-693521513a97
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		336 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1668868758385&to=0&aun=div-insticator-ad-1&pubcid=880fb91e-21c1-4e8f-af66-8dacd6080bf0&gpid=killerfrogs.com-div-insticator-ad-1&maxw=336&maxh=280&si=18035&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!insticator.com%2C9b6bfe8d-37c7-4656-8a1b-496fe96cb5f6%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.29.0%22%7D&ogu=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&ns=10138
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.193.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-193-50.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0d92710a0eccd2bb3c797a168c3f9481d189508d6c4e8f6f7f793216079a9692

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		336 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1668868758386&to=0&aun=div-insticator-ad-2&pubcid=880fb91e-21c1-4e8f-af66-8dacd6080bf0&gpid=killerfrogs.com-div-insticator-ad-2&maxw=336&maxh=280&si=18036&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!insticator.com%2C9b6bfe8d-37c7-4656-8a1b-496fe96cb5f6%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.29.0%22%7D&ogu=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&ns=10138
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.193.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-193-50.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d334ba20c3c11b1b388185a002c614ab75e759accfb6763b50863aaf11ed960d

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		397 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771356%3B771358&size_id=15&alt_size_ids=16%2C43&rp_schain=1.0,1!insticator.com,9b6bfe8d-37c7-4656-8a1b-496fe96cb5f6,1,,,&eid_pubcid.org=880fb91e-21c1-4e8f-af66-8dacd6080bf0%5E1&rf=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tg_i.pbadslot=killerfrogs.com-div-insticator-ad-1%3Bkillerfrogs.com-div-insticator-ad-2&tk_flint=pbjs_lite_v6.29.0&x_source.tid=c0875d23-9cb0-4ba2-b2ed-a9e377893bd9%3B1564acd4-5538-4a14-bfb8-d65414edc62c&l_pb_bid_id=20313e62a6b1d44%3B216c981316c55e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=killerfrogs.com-div-insticator-ad-1%3Bkillerfrogs.com-div-insticator-ad-2&slots=2&rand=0.7933609585969981
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
04a7d9efce5d983c3826bb9c642bdbd8da079284a815f7028b38b901de6f1e44

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
ex.ingage.tech/v1/ 		2 KB
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9fe27de2c4c607356b88ca2178495fe3542d66320951c5e18f38ac2231d1f0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
cf-ray
76c9b1cf8d7b9299-FRA
arj
insticator-d.openx.net/w/1.0/ 		73 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cecf0919-5be0-4975-9426-0fce69b62c23%2Cd8ca50a3-b06b-4efc-bbfa-b42a528d2bcb&nocache=1668868758392&pubcid=880fb91e-21c1-4e8f-af66-8dacd6080bf0&schain=1.0%2C1!insticator.com%2C9b6bfe8d-37c7-4656-8a1b-496fe96cb5f6%2C1%2C226934066924b22%2C%2C&aus=320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250&divids=div-insticator-ad-1%2Cdiv-insticator-ad-2&aucs=killerfrogs.com-div-insticator-ad-1%2Ckillerfrogs.com-div-insticator-ad-2&auid=545663687%2C545663687
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8312bb531a57040564f06037735d977e2dc97fe9eb874686f048f3177e44b8f2

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		87 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
401fbcf15346b1bff67718a8507ca342c243783290c966a2abada5ce0d7f250a

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		87 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
401fbcf15346b1bff67718a8507ca342c243783290c966a2abada5ce0d7f250a

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c
prebid.a-mo.net/a/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
98
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=579236&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2234016eba5311b0b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223556796b32c6285%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22killerfrogs.com-div-insticator-ad-1%22%7D%7D%2C%7B%22id%22%3A%223941a5706057171%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22killerfrogs.com-div-insticator-ad-2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%229b6bfe8d-37c7-4656-8a1b-496fe96cb5f6%22%2C%22hp%22%3A1%2C%22rid%22%3A%22226934066924b22%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22880fb91e-21c1-4e8f-af66-8dacd6080bf0%22%7D%5D%7D%5D%7D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff6f194bff4cae461e00227dbd90b97f8f5f04a0da5d69726380f5cb29e745c

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKirG5q17x%2BMiUvY2Ut74j5ElQq57SbmnvyzMmMokaE57b%2FTK02sP%2FM61IUjBYaixEblpbMqprWAlmGDEe6g%2BXqHRNhWj%2FRf4nrZdqkS6EOjfUPZaYdP3YQ3bm8ac2Dc%2Btsb2%2Fg7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c9b1cde9d68fe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
onetag-geo.s-onetag.com/ 		555 B
960 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-71.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront), 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA2-C2
x-amzn-requestid
e75298b9-bd83-45a9-9d1f-0c143e8165f7
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
b2mXiG8ciYcFqiQ=
content-length
555
x-amz-cf-id
6ZxKJZydga-C1aNPEkNooiTOvbxikzs4ThnpKdQX1gSTaKwKgP7EOw==
in_search.js
resources.infolinks.com/js/1835.006-3.025/ 		223 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1835.006-3.025/in_search.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858364408782a9612aca179e63cfcda6c8c64bbbebc65ec7a1dba1823d7084cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:13:47 GMT
server
cloudflare
age
7685
etag
W/"37df7-5ed73e0825ea5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
76c9b1cc59b9907c-FRA
expires
Mon, 19 Dec 2022 12:31:13 GMT
bubble.js
resources.infolinks.com/js/1835.006-3.025/ 		156 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1835.006-3.025/bubble.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:13:47 GMT
server
cloudflare
age
7691
etag
W/"27068-5ed73e0825ea5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
76c9b1cc59bd907c-FRA
expires
Mon, 19 Dec 2022 12:31:06 GMT
vidice.js
resources.infolinks.com/js/vidice/2.0/ 		333 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 09:20:02 GMT
server
cloudflare
age
432
etag
W/"5344d-5d6649709d511"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
76c9b1cc7a0b907c-FRA
expires
Mon, 19 Dec 2022 14:32:06 GMT
Zm9ydW0ua2lsbGVyZnJvZ3MuY29t
static.solutionshindsight.net/assets/ 		243 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/assets/Zm9ydW0ua2lsbGVyZnJvZ3MuY29t
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/hindsightipads/hindsightipads.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-72.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3119610b008741b308d19d7b32ee5a16be56f63be203bd0c0fc23b2ba54aa15a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/xml
access-control-max-age
3000
x-amz-cf-id
C9ykcCRc2_r6oh_kDR56cAU66VUonJh29coaBxPFA_MEGLIXA_3XMA==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forum.killerfrogs.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forum.killerfrogs.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1484167545845524&correlator=998606804533997&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CSportsPublishersGroup%2Ckillerfrogs.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=1&adks=2516471943&sfv=1-0-40&prev_scp=auid%3D728x90_post12%26adLocation%3Dbtf%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dforum.killerfrogs.com%26path%3D%252F%26didna_version%3D4%26ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1668868758698&lmt=1668868756&dlt=1668868756920&idt=1346&adxs=306&adys=1712&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&frm=20&vis=1&psz=920x92&msz=920x0&fws=4&ohw=920&ga_vid=1373169964.1668868758&ga_sid=1668868759&ga_hid=1758097621&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
767e95ecb9f691e4e923d3d6b3e2985a346ba7a265bc361e474bf7f429caf147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
407981
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15444
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
621560
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA0B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:18 GMT
expires
Sun, 19 Nov 2023 14:39:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1484167545845524&correlator=2182935441913009&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CSportsPublishersGroup%2Ckillerfrogs.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x280&ifi=2&adks=860752334&sfv=1-0-40&prev_scp=auid%3Drectangle_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dforum.killerfrogs.com%26path%3D%252F%26didna_version%3D4%26ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1668868758710&lmt=1668868756&dlt=1668868756920&idt=1346&adxs=1140&adys=569&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&frm=20&vis=1&psz=250x0&msz=250x0&fws=4&ohw=1600&ga_vid=1373169964.1668868758&ga_sid=1668868759&ga_hid=1758097621&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e3a7e487470b3c231c6dc107f5cc32d0eb05f7ea3686e0aeadebcaee4323add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12354
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		112 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1484167545845524&correlator=2866878431635667&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CSportsPublishersGroup%2Ckillerfrogs.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=3&adks=2191470203&sfv=1-0-40&prev_scp=auid%3Dleaderboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dforum.killerfrogs.com%26path%3D%252F%26didna_version%3D4%26ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1668868758724&lmt=1668868756&dlt=1668868756920&idt=1346&adxs=436&adys=386&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&frm=20&vis=1&psz=1180x92&msz=1180x0&fws=4&ohw=1180&ga_vid=1373169964.1668868758&ga_sid=1668868759&ga_hid=1758097621&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1884d6f4fe839f1a3042d56301cc2e3d574e86b23c9495c74a4ff656c57c1c94
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2drcy8uvsCFcmwdwod6N4Czw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10828385198590781233/728x90/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2drcy8uvsCFcmwdwod6N4Czw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10828385198590781233/728x90/index.html
date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42255
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
authIframe.js
auth.instiengage.com/auth/ Frame 3DA4 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
DA02CsX6dHEbzrJoqcyJ0Fv8305Wfzz_
content-encoding
br
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 14:36:28 GMT
last-modified
Wed, 19 Oct 2022 10:48:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
171
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300
x-amz-cf-id
AftB0rqNlxK2qsxJgISRn_WQbg2Px9_043HavEl0aBCkrClRGdHFRQ==
getads.htm
rt3061.infolinks.com/action/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3061.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22articles%22%2C%22scs%22%3A%22EQ-nKZgwcv%22%7D%5D&rid=ba7e4951-b136-4930-8b9f-d56fc969858d&jsv=1835.006-3.025&sr=1600X1200&rts=1668868758817&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tzo=-0000&c=c&strg=true&rsd=zEO8eRKSi8xtjKdccOZbysL4wPrrQeLojajFLlI_FB3CK2eTx4sH28GWuttWHXrP503RcL8qGOiWP1HqxBFdAIYT2HcjJ-dw8ccz8FnNmagD2Udt6Zu2p549g_D2b-JpbudutKlbLu55J1y0mNl_0RFMFq3tMzSK&rsk=14&rcs=8xoPeNGEAjhsFhL0r0v1AA&hbnr=false
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b595ba0d3b5e8a9aaaea5976b2c6fdee45b77a8bb70bb9c547bc20fbcae1a6df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
76c9b1ce9f86907c-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
intag_incontent.js
resources.infolinks.com/js/1835.006-3.025/ 		199 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1835.006-3.025/intag_incontent.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8794fd6664c984c074ea7c0581e0b453ad7001bbf66e57628b4ab870861563e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:13:47 GMT
server
cloudflare
age
6468
etag
W/"31c49-5ed73e08256d5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
76c9b1ceaf98907c-FRA
expires
Mon, 19 Dec 2022 12:51:30 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202211100910/ 		212 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202211100910/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a87b588978127e2d64d83d8b49a4ac8e7cea813de00c1b0d67bc8cc7426387a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 14:35:42 GMT
server
cloudflare
x-amz-request-id
DVC3K5MT94KE23ZJ
age
765379
etag
W/"f907f76d0cf55dfde491009ce035c1c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
76c9b1cf68fe5c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
wTLqm0rclNOLPVL2al/Vk/W1VRXeXN9NZjxPPpybh95tIGlSxeloEMoGOGVujM6tfaqcraywauk=
dcl.htm
rt3061.infolinks.com/action/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3061.infolinks.com/action/dcl.htm?rid=ba7e4951-b136-4930-8b9f-d56fc969858d&jsv=1835.006-3.025&capara=%7B%22failedAlgos%22%3A%22aapalgo%22%7D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
76c9b1cee85d907c-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3061.infolinks.com/action/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3061.infolinks.com/action/dcl.htm?rid=ba7e4951-b136-4930-8b9f-d56fc969858d&jsv=1835.006-3.025&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
76c9b1cee862907c-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt3061.infolinks.com/action/ 		0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3061.infolinks.com/action/getads.htm?hks=%5B%5D&rid=ba7e4951-b136-4930-8b9f-d56fc969858d&jsv=1835.006-3.025&sr=1600X1200&rts=1668868758862&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tzo=-0000&c=c&strg=true&rsd=zEO8eRKSi8xtjKdccOZbysL4wPrrQeLojajFLlI_FB3CK2eTx4sH28GWuttWHXrP503RcL8qGOiWP1HqxBFdAIYT2HcjJ-dw8ccz8FnNmagD2Udt6Zu2p549g_D2b-JpbudutKlbLu55J1y0mNl_0RFMFq3tMzSK&rsk=14&rcs=8xoPeNGEAjhsFhL0r0v1AA&hbnr=false
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
76c9b1cee865907c-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3061.infolinks.com/action/ 		0
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3061.infolinks.com/action/dcl.htm?rid=ba7e4951-b136-4930-8b9f-d56fc969858d&jsv=1835.006-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A0%7D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
76c9b1cee866907c-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:48:51 GMT
content-encoding
gzip
age
607828
x-guploader-uploadid
ADPycdu3Gw5FY_q4NTn97VXYnntJVtAX26caEl7o3n1xhH_sP1GWn03HtLzXWtmuhtpWhoyqDf_pa2Sc5NeIIOZROxkPyfq5tOA6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 12 Nov 2023 13:48:51 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Nov 2022 14:39:19 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.30.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-30-241.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
cache-control
public, max-age=86400
last-modified
Thu, 10 Nov 2022 15:41:58 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 09:46:31 GMT
server
cloudflare
x-amz-request-id
MTGHMSTP2MQ6687T
age
998
etag
W/"903cd4a80ebccf0d9e448e2b133b585d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
76c9b1d029f19186-FRA
x-amz-id-2
tEESGVsp+bKyUkJkmxizozouvEm8aB1MzR61a75ZMo0qfXJXM+T0kX7X8FMpX0Uhb1UFu05EslXpfBC8wd1XuA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:12:44 GMT
via
1.1 google
age
1595
x-guploader-uploadid
ADPycduiqxn7YPRc2nIKJGmsefUOWWG7h4Q3m6243-WMiDo4zZ5Dtz-KxkOQlwb5IXxz-2w165aYhqmotgt76OMAPJfSEg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
last-modified
Fri, 29 Jul 2022 16:55:09 GMT
server
UploadServer
etag
"f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation
1659113709880056
x-goog-hash
crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1258
accept-ranges
bytes
expires
Sat, 19 Nov 2022 15:12:44 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 03:33:06 GMT
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 16:32:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
39974
x-amz-server-side-encryption
AES256
etag
W/"a576cab5f14785e90bbbb12b6ee95a83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
Ifk0GsnwOZT6Hud_1h9cGKlF6LV4QC6SvyveWdATVckjC_CE8h3Zig==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.15.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-15-126.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
cache-control
public, max-age=86400
last-modified
Mon, 31 Oct 2022 06:06:26 GMT
accept-ranges
bytes
content-length
3211
vary
accept-encoding
content-type
application/javascript
container.html
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7746 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:18 GMT
expires
Sun, 19 Nov 2023 14:39:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.js
cdn1.opstag.com/13437/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/13437/index.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dcce479953676a6c0b85afe21b8f95547df09ccffb11ea7de60dea771fc8662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 13:21:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"67599f779afa4e86fdab33ecc0aef0d4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5174
x-amz-cf-id
Ix5BDtd-7vG9n3noLHRufihVi4GAFgKJgi71AWeDfs1q4qniVeY-Vw==
grumi.js
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 7746 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
895d1a04067a5eccf3bbcd609f1d3f365fd42d50ef11a6af31c62ff59af072dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:05:20 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-version-id
vRMCAxS8M4rSGz5reJcrMrbnZyBVS.2w
last-modified
Sat, 19 Nov 2022 13:26:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2040
etag
W/"c505b4eeec85425e4efea9941d032e34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
ZUwqF6mZxyRElLNnJeIDms5eJlp4lHJ_UE5Oqx_E7wWSmCOwbcVlnA==
map
bcp.crwdcntrl.net/6/ 		60 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b041a9ac06412fc2d3c5e5feac8d6b962d36c26cee9ec098a6260a5821b3c87d

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache
x-server
10.45.23.251
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame DA54 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=forum.killerfrogs.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:18 GMT
server
Kestrel
server-processing-duration-in-ticks
389390
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&rid=esp&cc=1
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
a1fead34651bc8a4717c7c08a4b065a1e3ba0cc8c75b0ba6aed7c853b9c3009c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-rSb69uLlyqV91eY6gVhYfA8CT20"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 19 Nov 2022 14:39:19 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://forum.killerfrogs.com
location
/esp?url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
encrypt
esp.rtbhouse.com/ 		241 B
258 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1e237501ee3a5b510688d5ded6409d49f123a978f89e71f81b117508f5e73fef

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
4db191893631c1894d591e6129f498e9
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://forum.killerfrogs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://forum.killerfrogs.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 19 Nov 2022 14:39:19 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
cab9e3164fc8ae4beb7deccc986db481
adview
securepubads.g.doubleclick.net/pagead/ Frame 7746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy9YRlup4Y8P1LZLn3gOX_LmIC5TkjZtcg9On1KgDwI23ARABIABglaqUgqAHggEXY2EtcHViLTM1NjUzODU0ODM3NjE2ODHIAQngAgCoAwGqBKsCT9DTTo93qqFgznU6vy3VlsF0IiCC5NSUk9TRwqSOsIxjkbtuWEFeAtUgdqlWrPMDB2LSTlbtqYLa8NdmHGxa6N-PEqXxlyiPlPp1rs0Lgonr0rg2aSFui9Af78lgdM0rkro0vKauwKQPRna8suVaOB2qLTD5_2bHx91q7IzD6HBXmCQASDQs1LRh-zbgRXi0vcNJrAt0pPPyiMHYYYxW7CMxe4sRvW5qxMXrjWdBRETkyXtCTOHa3GvaWZPV5GEcjC3rdita4fRHzmVP5QgrtTUsgYYNK0oZg47Djc25f6y08vSSUKBz-T9sn1JtLVCwGsV4ooOk1eBQkkm4F45wWsHPoEJaBdBok43G54-w91xQRDdgeDHxjk10L0myUMP8xvMnshHt8_UKPfLgBAGABqvY7om-2KznowGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM1NjUzODU0ODM3NjE2ODEY3IoV&sigh=2ob5PQCdqm4&uach_m=[UACH]&cid=CAQSTADq26N9bzWuxRptF-HY9-5FnrfLfG8mEJGDiAI37qIQPrL9c_BEc78gLVD57knrMtbr8-J6Yfql71FcE_O7finM2GUYFji_2DbF-Q8YASAT&tpd=AGWhJmtQF2wITerIhNWMcgM9lwGtgL5Uf4_FOnPpdNHOMUpOCTSoRWur4PK_a7PSARO0h4luxA4h-040fXFOmgwC5rRx8gl5ow7EwsA91KtrQ4kFM36qMDl-b4SZZt3rvsQdIgZNOVxp60k-UM7HxlAWRQ2G9KFoMF8A4j93ECoT6sVoAxXDNTmxE2i_Vm4hgTzp-DgfLGNfZih_fZ8_HdCGpFI3gQKfGWN20kZWU3GJmrYpoSyu1e2H0oZB83qrJ6AudTUre6G0t6IJU0oyw3cPrVvcPT9TO1WtTLj4uPXjNY4DiGjubtpgz-cdyUWn4MMDYYGtn-MmYH02NdNnKFI5Shk-1pDFb3zoHZ-AzPOvyimf1Eu85xdBCfoqcZDBNhZjWyQwQnDyFgp8sdhBp2P-llOPhDB8oQFnXOYbH8aPECinfXpa0HCA4ou_al5prqIuQMTrdDvjVYA8JauN292fn-UhUtxygyFlzOA0cu5yE6kLkzzCQ67lM2sptReSvZ0UL5VY9WnHC5fsMKVQmLQfEBUqGN88BM5-kKEsW6IIzVVUiq-NPYfrs0HllRsZdDP7s-D3WANQ6sTqwT8SXwebOxidbILrB_Q21iM4aYn0J44c0NfehpNAcwJXvqT57i8ao6DuKiKjbo0TChxD-U7HGO8k30NmGC_liRFYxcV5PO6xIGjgXLHJgzD4BqQ6AOHM7jSxwY1oSkD1g2arLmNceEb8hHeU02jBVBeKYNR6Bj0FXuRGMdi7NuQcwzFwhxrkHrkdySGJUaIylXqeqomazj4bgU7HPN6uyOczesq2hXrfnk-G9aw8TxRvdxRl-EjMz3A1kIGMLXLHSSt1QXuDVhBOkFweZPdTLGkJl-lqXvhEPv8
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame B8C2 		261 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYvOm02AEwAQ&v=APEucNVTEOEv9L8GkI-TyQckc1rRBaJG4QvkCJKK0tEXJCB6jKKHOrNNn1NH2F9IMhe1kkLotmYubKqhty2KAc7Es4FvPJATgGqNPLiXPHeVqlHBSZmi-RfRyDjnIChe31kAqQl6_Ln00c6zR9cXUSbznpOf5BoqF0wTf2fb87L-gzjoNr4TyZY
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:19 GMT
expires
Sat, 19 Nov 2022 14:39:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7746 		68 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIOCkVzgd10MpSoeB1PaOKk6i-xdD4ET08n03qMAmmtKP-GTZmnd05Bxp-aTNh0vIxiybXyboZ22IO5KEVs3D-xdX6QHJZzwgkq6yvrBTetdvPi8u87TeMTEq4CM5AArkOCAK_ZHAf-9lgssPsd_HGe68mlB04BpiwqkGfOyi9C6cYBO8&cry=1&dbm_d=AKAmf-CWRShXN3cz2vmFqzLrAxKOdnrWnhH7HQi0yGc34HpUSUezUv3tFHCkr34XoWbB6oXnf21OsOq2oOeM6YixYnZ5Tod-2bNE7DQo-CX7NL4iuv44pm-VkJnKI2jdUnz8VHSUcKv285anmi4uWgmwJ3ZsxPLyiv6JZmoOkYG14fgavY1e23Xry2Xpmp-O2P-HpqsrDpb4ve-QY1gn2Ox2iL8RQnQIUSjWOemAWbnUR5jtUPDvkR6SFrXHeGde8xSsbyMBvw9hajNJoAvLrq8nQNpJEFUT7R1L1ewOxZpXNNSc6cQivESShph0doI1ytwDiJp19nV_L_ZQba39ig6xuQbSQjvUOqNBIkfk0UMeUppjeVfs5vMmTaDOsZmgodto8aPsBli3hkK0GIdv8aNe-AdVhyEeAybdoO8q5daPoaKR28i6_5138z3_fz2fTMCZ0kkB-SZB5Oyoz-G4IpHLFF8BpCbGRfcOAyr-wAM6dxwJFDBlXm387DEjWThKiA6Nc0gUTYhQ09ITngNV_GAAa7t7rIIg9BlZMDFp6O0u4kIZR8AfXWpDaN8jCnRd0y_0UHhR0jn24qt5VlYVELcAkkOAqoic0-b0RKWP1BHwUtyJEBqk0p3sEG9kfllw2rIgSpb-F1gDkxvPBA4VHkLaleIQsQdr_7ova2jcsFS6Yt0buEU9vzA14EpCfJ_V1UGb_MOXuKx1Fu28dreVZ95tQV2zBrS2XNLBjh_tcT3CMN7bKEPaEfzCvleupF8uhJpbLe4M9UyOe3C47Ly_dKK45atTlP7Ru6mO0R3VmHtoyevHSxG7PKKP_F5-iu9tfYYG4d0bWn706xW56flci9ZMxIPVtPv3kwPBxDXquRMLUR6pXrf09430W1S38HXdicRuKx6KPpqBmAOzvFKLCYGJFhPkBqZARBd0L7V1OGHffNuCumXwj7v0mbo-zTvnJ8oTczA1Zgv2rx2Wqb7z-XSh0xjuSb_3cNduhR7vtOAv4qic3jpciHgqlg94EmGv2TbG6FoXjSImOcWYAq6LOSfVKm_40aQ2dSywnQFh6p_dsbhPJrHialj9cEM-HTdJkTy2P3NMZo25YBrcDNnYsMraFZzDdQVtNof8dgVMppkgW7pUY_INxECSXKAlnG36U5ed3T7viescKX41yVjfyRqCN_RDD9-SLSTzfMMAwf5ngvYw4CNr0epsz_CLeCTAKjVvNZX3U6DXno_ROjwCDwRkv7tT9ahqrTo0DG_i9WQhg-4YS-JlpcnFvCWIdvIZ6FEGLOe2vXBMYLrbTwx_R0sKDRFf1yqvjTSzx7p8CcAQZIlsTE3SLqv53EwI9nwt4VsXu5a0qPZczD_Gaasz0S9yiUlpH4R6Z1EnFjZade6v_6MRhYJka8-bUc-xlhhb1XqByvSequX4aLxyB2GIEZJtcNJjFz4QS2Nm-MlFC7A9O_yzVaTzrKCKiAEwo7H-rDS--hJZoUOLoiAhlImHIVi-QiInlhTMxOH6GxrdToT5jgl7G3TSn686ia2-q8Q78pHeKEpXxSLmNcHohzPSlIeIT0f1dGfIt2BFZl0PIxkrRgkRZW8ka3eE9VexMLhKbs7ZYL9mmRJancYOi2MHBC41svz7vEmTnNzDm1KasprG9RyN8tcdI_SudpIIk48HNfZ7XkUSQXmXj_rZt_BbNEamX3_Rx5cmC51uNt5iY_bBBRlRrCYHj5sahuvkSGwWO5rFEwl4a2aCPe0Uhdnl0Z2N4Sl4yACUSr7Oc6A2X4qHACSzNfKy3j0BlZhu-aPsz64CPftqfc7wSihYhnP_llVqutoQA70kbaL1h9yaUMSnfk7gmaXgb6R7MRwCZ1XNg0v1oPc64iUs9QVXw2FLd_bACiCX7owTkuSQCLh3PxnvLgOLbyyqrZOskGQM2sKA2c4V6fw0Vbf6Ij0Q3XyEm9HfWgord_6iETIXmrIuO-Os77wkYQ-jMUCFwbW8xMJZyZDdpvC_VjxNXB8_TmFy6FpMa4uV0m1RrQOUEyQWwMohw9oA2S2fHOYmJ7O5i2coKKnJRXNyECzoniema5BWscM7Ub95xMnAw-DtGx6TMPbK4q2rqDUdg_RLL8FBRbyyBjRAFo9Y_2Ns4H6BceSs1CN0W7YE9TEldy5pTSzXVVezv7t2dyfNxG-hNK1rAcCmbNlmQScrLii889IsvqKjGtCzx6x9-54vL9FGr8rR7FdT4wLkAwUrA_HizEEuqkjAsFP1dwa3muVZVyIET1anf-q1peHbnT_PTlblITzsOIEcq3LHC6Gko8libPbfV-3oR2ve7IkDOlcJrgJOuLhGMBgjMNKy6V1G2E0Tf2o8KDjXU6go3fXGZzF5ZkNAbaj59-59G0cKuEEWJ83LD81qq0NoyjBWikZX27QYc33u7e-dXa16JdMopZcvAziQvzJU88cxB5RxodNetKDVnlXisMR-vjknrBG2rCJI7P9dkNgl1vV447DVXlRGnCZm_jVlZY_xDbjf400_opR5_Hd5a38p3yQ4tE0ib4sFwJJJ67Z0bmTyD9l5KdFVSxIV0Nqhd1FifHJeTb-8BzDHHu2QJTOnOPcgf5gOfIcbDJzi2I1WpiKyQctKlJfoMjvb6cTarfh1cmB5GIiXRfWRankE9w92WPj8lC0MYp7DQZIAfTWUw_leppVLBECfwh9HNslJxz-_5fff3Hy8YIL9ORIaz_9fJkg50gsN42IMjbgCmNMa_WVj4dr0p50OFoSnTLbdN2m2F_zUCp9XSGnPRLgUSgTm4nAuq_bfIyzeF4p4vnNSt6LxIq9sZTszva7oM19bCMTZPBn1ApNaj2n3JR9eLDiCew4_q5KW6Apub-7YWqpjOwSAgVLJATknndFFkjEgBjhyZ4fteo3j4686OXydEfG0bfCZm2gS8S3CsyyDXv3KNtAWFmViDtd1sGb8cD_eUkdNUR2fMbSWsijotPHXX1HcTJbVRiN47m4z4lj_7U0H_JigHmonNDIcHXmjndNWCTDCfoGfZsdt_-JMJhjUa_fX47l8GppAYqQuVQJwzVjzubBqDkcn3WNjLhfJ1u7OQvInn2EPLB-rumxLK36NBcO8qKcoe1FzDiOGBb6YY00bzoqmXAVYQJPBzYD7kkfBIwRkCnch_gazuAF1-td-qHX8Gm3FK4R7eQfkCxGs04D-gs-oSbZKQbtqhbhF9-n0DvxwZC_rEw8cCSsOGHFNv1gK4JY6ln9Crcn8UnFA9Xg2bVPtKv6TkAJilq5tOX_S7y3UmcGfFOmaC7K-Q4XlG4c3mfJM1vn9xoZ25k_GPizCFlagMHKlMd9lgQahMN9SwheG5Rvvn9HQSmzneciU-AdMTy8U6D-hPrgNoFlOkGH4AMrWeTl8KSI&pr=30:0.020035&cid=CAASBORob3I&rfl=1%2Chttps%253A%252F%252Fforum.killerfrogs.com%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c518b4ceda687289bdbcbd35f9d428d68f6afe37b6c7bcc6a684217b455c337b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33447
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 7746 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13385103
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 20:06:40 GMT
Server
nginx
ETag
W/"5e8cdd50-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=604800, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sat, 26 Nov 2022 14:39:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7746 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 14:10:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7746 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7746 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
341750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 15:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7746 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 14:39:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7746 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Br8uNIcG8GnO1iB4dMLwedNSRXxcEfaR7K6b-ZMKWxZMfdst312gp8vdcU3erJzEVjtsFsw1BmutdeUyA2L6eIfnM8IZI50Xxca40gXJD6o_ojyLU
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
protected-by.clarium.io/ Frame 7746 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzQ2OTMzNzYzNjE6NzI4eDkw&v=5&s=v31gi858nl2&id=eyJkZnAiOnsiYWQiOjQ0MDI0NTQwNjUsImMiOm51bGwsImwiOjAsIm8iOjIxNTQ3NjU3NjEsIkEiOiIvMTcwNzM3MDc2L2Rpc3BsYXkvU3BvcnRzUHVibGlzaGVyc0dyb3VwL2tpbGxlcmZyb2dzLmNvbSIsInkiOjQwNzk4MSwiY28iOjQ2OTMzNzYzNjEsInMiOiI3Mjh4OTBfcG9zdDEyIn0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=9465000&h=forum.killerfrogs.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6UTJPVE16TnpZek5qRTZOekk0ZURrdyIsIndkIjp7ImNvIjo0NjkzMzc2MzYxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.48.37.161 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-48-37-161.eu-north-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:19 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame DA54
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=killerfrogs.com&sn=ChromeSyncframe&so=0&topUrl=forum.killerfrogs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=uDP_YXx1R1Bvb0R4emVpQVFmWWFlUnFBTjQ2QlVlRENLQlVqN2pWbjQ3MGJ5VW1UaExrNzlpMVRWbGQ2NEU1MWI2Vmwrazhtd1lVUWhaUTJRYStvOVBjQWVXdGdJMUp3S3dkbjJJd1pEWGRwMXRJelBKU1k4V3ExZWdLcC...
446 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uDP_YXx1R1Bvb0R4emVpQVFmWWFlUnFBTjQ2QlVlRENLQlVqN2pWbjQ3MGJ5VW1UaExrNzlpMVRWbGQ2NEU1MWI2Vmwrazhtd1lVUWhaUTJRYStvOVBjQWVXdGdJMUp3S3dkbjJJd1pEWGRwMXRJelBKU1k4V3ExZWdLcCs1eTJ2M2VkendyZUVTN0tyc3F2a0dvVW5XL1h2RmxSaEFIbmlLNFdNa1BJcWNkelhHclFBYzhSN2dUbXdPQjV6OWZ0RDVocDkrbzdKbGVPbldJUXZDd0RPZHh1elQ3cHZCZzFjQ0FPTVFzRnBCdkN1OWxGOGpQY04wcndSWDZDTTVOeXp4enVCSjltSGxnei9GZ204RGlENnlvVWFRUT09fA&cppv=2
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
51f5b3906370b5dedb245a52438cdd950bf41391ac49b83f52fa5557fc21db41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2373066
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=uDP_YXx1R1Bvb0R4emVpQVFmWWFlUnFBTjQ2QlVlRENLQlVqN2pWbjQ3MGJ5VW1UaExrNzlpMVRWbGQ2NEU1MWI2Vmwrazhtd1lVUWhaUTJRYStvOVBjQWVXdGdJMUp3S3dkbjJJd1pEWGRwMXRJelBKU1k4V3ExZWdLcCs1eTJ2M2VkendyZUVTN0tyc3F2a0dvVW5XL1h2RmxSaEFIbmlLNFdNa1BJcWNkelhHclFBYzhSN2dUbXdPQjV6OWZ0RDVocDkrbzdKbGVPbldJUXZDd0RPZHh1elQ3cHZCZzFjQ0FPTVFzRnBCdkN1OWxGOGpQY04wcndSWDZDTTVOeXp4enVCSjltSGxnei9GZ204RGlENnlvVWFRUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
452922
content-length
0
expires
0
container.html
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 99ED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:18 GMT
expires
Sun, 19 Nov 2023 14:39:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview.htm
rt3061.infolinks.com/action/ 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt3061.infolinks.com/action/adview.htm?rid=ba7e4951-b136-4930-8b9f-d56fc969858d&bdc=1&midx=0&emd=ODgzfjExMTJfMzk2MzA4NTY3fjM5NjMwODU2Nw&rts=1668868759288&prod_t=d&jsv=1835.006-3.025&skin=sidebar&theme=nologo&sdata=articles&scs=EQ-nKZgwcv&rsd=zEO8eRKSi8xtjKdccOZbysL4wPrrQeLojajFLlI_FB3CK2eTx4sH28GWuttWHXrP503RcL8qGOiWP1HqxBFdAIYT2HcjJ-dw8ccz8FnNmagD2Udt6Zu2p549g_D2b-JpbudutKlbLu55J1y0mNl_0RFMFq3tMzSK&rsk=14&rcs=8xoPeNGEAjhsFhL0r0v1AA
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
76c9b1d1ae57907c-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7746 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 13:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3773
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 13:36:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 7746 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 13:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
3327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 13:43:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8M2RESvlIfoLbtHRVZeHipZFTEj4phF6EmD6NxrRdKvH1lfBBHZf3iKv_6G10fGa3wTch1P0gK3asFvcoXDhQDc7PJu8_wiEjcfnLWSHJrM9thZbd4egu9ps2c91mfMKiqVgrrXP2J9ysS9n0qWDfTRMWfOad__2rv2EJZ70Fd9IcQxuUvkUPKIBZ-ETBRjGNixqhfmePWifj6ByMses4DI4iqJU_cajlyApvNtiLTj0s-9QovfptG2gdlzetnFUi4uTE_ZMxq4gM-ZAyQi5AWNON69xyskX4_jZtgKsqZNqVMsfkr63dTpvH1xhO7CzrT_R3DDPbCgG6UMWUlXbfykLTdd60zoeSc5qERaJfLuLDB5WoGLxim6bBTQ2atrmveLt8NOqSDPtbsHH2GjLPvw1YqcdAhqlpCKSCGsae8UZOEZVD94-ERDf3U9CHoBhoATeCp7aZcWe2VYogqZmwp7LBCDBHJ18HeKv1BzOTAOHIldISPmlKYGVF0LMVupI6ix1MKtQ-_3FcVIXRCohXm_S-gPXFJkyqyhw6M2BIvnW6TRkC0iLKzBmWu1iuFUDheZIJT4D4CCMt0xsLLTwa2ZI7rcm4ybJsnYKn2aXKi51iG_uMsUgGX6G7PxAOTga5qcXWr9f6VScyyrbKsiWFkB8SHcvWSQRAZOTlGEno4aUixQelFbOs_SiYoEzjENg7p7tnlEO3EgywtuyWeCWhgYzYkhtysyH9mbSYwc-xBtJge3eyTksV64qiE7liyA2-fnw97SSapLXq6Cmgvz6ynIrUR9zc1L0O1QvhvTbyMZPGYPc3pWf8dNxVljh_PRerKfQjW5bRmr3x93m5UKdbVTbwv6qZZ0siy8gKlRQgFci0GYm0hM9AGZggf0aF8XFKRzmlwoxfVJEBTwyBv49m43odW_ZqBGSYfnoS1g30eLX_qNMiJ5zIOFFt2kqprbPWDGhfBRDsmji9xpJ0z4y9GeD_wnlqw_5bJY39O1yP6PryXuLcNI_et3BA1hrxE2PQjaPYviDFN1WkfdecSV0GpVvaV6mxZx7cmgZAKhcMZDuG8dcgd3oa2CVoC-7jVTAA1OdlmC0Q9CxtMrsMWLQMZ2elIP-tVI17h1laVR6to7DinrY7nSnlayXyS3Dck15bg8AvZKx9TkpAmekHz0w6yiu7B_vx7wEVivHBsGctE6CGVfnktbNV&sai=AMfl-YQ8DYUbOGxGb9-TS7p3va0dBtiu0XnhqOvGm2o4GfJpYNZxnkeMUtICkHAj8JCL3me_54uQ1_QvKf4zQYS95pqPAansq9HHHsBtIfIyJqhqSHSZr4iZzlkFqeFaBkgFnXR7o2cxPw&sig=Cg0ArKJSzEzEd1x3VR_QEAE&uach_m=[UACH]&pr=30:0.020035&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.66719&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 14:39:19 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7746 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 21:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 21:12:01 GMT
12132530662849070167
s0.2mdn.net/simgad/ Frame 7746 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12132530662849070167
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e4a2867141599bdbc4bc65513cba3f7bb8578300682e63d5d39e6324454cbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 23:00:05 GMT
x-content-type-options
nosniff
age
56354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38417
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:10:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 23:00:05 GMT
ab
lax1-ib.adnxs-simple.com/ Frame 0049 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs-simple.com/ab?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QLFDmxFBwAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF4ASo2CcT1KFyPwtU_EVqGONbFbdA_GQAAAKBwPR1AIRESBCnDDSTYMQAAAOB6FPI_MLbk1Qw4sxlA2AhIAlDX4Py8AVjF0okBYABoyo6hAXjO5QOAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDQ1Nzk3OTgsIDApOwEULGknLCA3Njg4MjEzLBEULGcnLCAxOTIwNTIzNRUVLGMnLCA1NDE3MTM0MhUVMHInLCAzOTYzMDg1NjcFFvCQkgKpBSFRNG5kX2dqT3Jlb1pFTmZnX0x3QkdBQWd4ZEtKQVRBQk9BQkFBRWpZQ0ZDMjVOVU1XQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZWVvNGhLUXd0VV93UUhucU9JU2tNTFZQOGtCQUFBQUFBQUE4RF9aQVFBQQUPdFBBXzRBR1ZvTlVEOVFIRDlUQkFtQUlBb0FJQ3RRSQUjAHYNCPC8d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMdWt5U1lRQkJnQkxSQWRmem1pQXhNSWthbkRKUkFLR0FFdHRQYUVQeklEZFc1cnVnTUpURUZZTVRvMU9UWXc0QVBsTDRBRTRkTzBDWWdFNHRPMENaQUVBSmdFQkxJRUNnalJoZUVNRU1fVW9RMnlCQW9JMDVMYURCRFAxS0VOdWdRYUNJVUVFUUFBQUFBQUFOQV9HEQxYQUFBSUtmMTVRNjZCQm9JbmdrUm1wbVoBAgx5VDhaASANATBnMFlYaERNRUV6Y3pNAQIQM0RfSkINHQEBFDJBUUE4US5ZABhnRnlDNnBCERMUUEFfc1FVASsJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmRDSkF2QUY4NWlVQ2ZnRjFzT1hBb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdBQUEFAixCRUNvQmdTeUJpUUoFEQkBAFIJBwUBLuwAAGgFEgUBREM0QmdvLpoCmQEhS2hoWkVBajatAixNWFNpUUVnQUNnQU0R6VRBUkFPZ2xNUVZneE9qVTVOakJBNVM5FXkIOEQ5HXkAQh15CEJoejVdBDlwBYAFAQRCeAUHBQFBaABrNXjwSThEOC6yAgEw2AKkQ-AC6vkl6gIVZm9ydW0ua2lsbGVyZnJvZ3MuY29t8gIRCgZBRFZfSUQSBzQ1Nzk3OTjyAhIKBkNQR19JRBIIccgY8gIKCgVDUAEoOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAAHgkgLENPREUSEjAwMThkMAEBPDduYVdQQUFZ8gInCghDUEcJIQwbYTFuDSFcMHVENWJBQUVEaXNjb3ZlcnnyAgsKB0NQCSkcAPICEAoFSU8BhgAHjXYY8gIdCgdJTwkhABJGSgBA8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCLATCAAwGIAwCQAwCYAxSgAwGqAwDAA6wCyAMA2AP7iQbgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAo4MS45NS41LjMwqATPTbIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjExMTIjTEFYMTo1OTYw2gQCCAHgBADwBNfg_LwBiAUBmAUAoAXRP_BA_wGqBSpiYTdlNDk1MS1iMTM2LTQ5MzAtOGI5Zi1kNTZmYzk2OTg1OGR-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAFDHAAANgFAeAFAfAFBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=c9722f410fe077db462b7e95b9d1f6ddb3de969e&pp=0.2567
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
79a0638a1378cd7721218ba452ce84a70c6ee154ca84d149f22c4d3e1cc94f4b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:19 GMT
Content-Encoding
gzip
X-Creative-ID
396308567
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ea486744-4536-45ce-b2d6-2fcf9176d39f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
grumi.js
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame CB76 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
895d1a04067a5eccf3bbcd609f1d3f365fd42d50ef11a6af31c62ff59af072dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:05:20 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-version-id
vRMCAxS8M4rSGz5reJcrMrbnZyBVS.2w
last-modified
Sat, 19 Nov 2022 13:26:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2040
etag
W/"c505b4eeec85425e4efea9941d032e34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
SLzdwU-1XuPnWQE3maGNX7b7ts200AdGWllCg04gV-h4i-UhgoFYeQ==
m
ad.yieldlab.net/ Frame B8C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDgl5tj5c4csp64TuuC757s&google_cver=1
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDgl5tj5c4csp64TuuC757s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYvOm02AEwAQ&v=APEucNVTEOEv9L8GkI-TyQckc1rRBaJG4QvkCJKK0tEXJCB6jKKHOrNNn1NH2F9IMhe1kkLotmYubKqhty2KAc7Es4FvPJATgGqNPLiXPHeVqlHBSZmi-RfRyDjnIChe31kAqQl6_Ln00c6zR9cXUSbznpOf5BoqF0wTf2fb87L-gzjoNr4TyZY
Protocol
HTTP/1.1
Server
184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 18 Nov 2022 14:39:19 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEDgl5tj5c4csp64TuuC757s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame B8C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMmR24MSTyhK64kjPB5c7OU&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMmR24MSTyhK64kjPB5c7OU&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYvOm02AEwAQ&v=APEucNVTEOEv9L8GkI-TyQckc1rRBaJG4QvkCJKK0tEXJCB6jKKHOrNNn1NH2F9IMhe1kkLotmYubKqhty2KAc7Es4FvPJATgGqNPLiXPHeVqlHBSZmi-RfRyDjnIChe31kAqQl6_Ln00c6zR9cXUSbznpOf5BoqF0wTf2fb87L-gzjoNr4TyZY
Protocol
H2
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
last-modified
Fri, 22 Jul 2016 06:55:37 GMT
server
nginx
accept-ranges
bytes
etag
"5791c369-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMmR24MSTyhK64kjPB5c7OU&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
gw.geoedge.be/api/ Frame CB76 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.231.111.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-111-174.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:19 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame CB76 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Nov 2022 18:08:54 GMT
age
419425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Nov 2023 18:08:54 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame CB76 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Nov 2022 18:08:54 GMT
age
419425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Nov 2023 18:08:54 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame CB76 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Nov 2022 18:08:54 GMT
age
419425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Nov 2023 18:08:54 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame CB76 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Nov 2022 18:08:54 GMT
age
419425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Nov 2023 18:08:54 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame CB76 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Nov 2022 18:08:54 GMT
age
419425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Nov 2023 18:08:54 GMT
truncated
/ Frame CB76 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
746df91de5585124592271389455a72a441f9a2d239287d0d36242a4a125e7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
7960175562554483439
tpc.googlesyndication.com/simgad/ Frame CB76 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7960175562554483439?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkHl2wixVyhc-bVG3UBHzV3na_qdA
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
779492801aef3d3c171e9b2745cda7f70a96d7c786c5ffa423210921241d7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 10:16:48 GMT
x-content-type-options
nosniff
age
102151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40364
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 07:34:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 10:16:48 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CB76 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 09:39:53 GMT
x-content-type-options
nosniff
server
cafe
age
17966
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 20 Nov 2022 09:39:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CB76 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 23:28:16 GMT
x-content-type-options
nosniff
server
cafe
age
54663
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 19 Nov 2022 23:28:16 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CB76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJf5Jlup4Y7D5LsSbrAS6u4eoAbvVi59t_oXsrb0Q29keEAEgtJD6ImCVqpSCoAegAZyv-6gCyAEC4AIAqAMByAMIqgSLAk_QQNG5v-cXXCCaHDSCpHWDPmdVHSfK4HXzQUTPpyaEI3G1eGdDyykBwqi153jcPZ9DWvQ6pEAtZ_o-NkEuJ8ULkI-etdW6o3KZwhrioTjdnfRXDadHrFhEm81F2BboE07iPaxcxS9ibQ89OMSzk1P2v7EKGL2sFuzmg03h5isfF_xgsMUFL3eBgLwja1LUzdincZGovFA9AkMSqyVY2fLxVkLtlqHlye6Fpb15TAbhC_YTHuZA1-RAb1gNXDBU6ngRtTRPlQVCmEencyz_-iOsQSI6j5L487bhP-kaYcGkmiuD4WKizVmbVsfqxLkwsQg00M8nDkNmjq1WNycH-4VNI9g8R80FGNTP6cAEibfFsqIE4AQBkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ7oYI0ggRCIDhgBAQARgdMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMjgyOTQxMTM5OTc2MjQ4NxjcihU&sigh=w1OCpHm0Pq4&uach_m=[UACH]&cid=CAQSTADq26N9YR5IpFNRyft08wBriBdhU3JO1Xek86vwMjRG-sJGdARvx-WDkojakiPpgFGEWe02VvYd21Hok0QxhYiuvwBz3yNJJHyl95sYASAT
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
grumi.js
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 99ED 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
895d1a04067a5eccf3bbcd609f1d3f365fd42d50ef11a6af31c62ff59af072dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:05:20 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-version-id
vRMCAxS8M4rSGz5reJcrMrbnZyBVS.2w
last-modified
Sat, 19 Nov 2022 13:26:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2040
etag
W/"c505b4eeec85425e4efea9941d032e34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
meMmZOzCnq4umyM8j5OJdQg9gbsr1fqW_buuBs_OlUZqKrZyKdEyRg==
truncated
/ Frame 7746 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c133c3e12f2893f61a9d21579f4251eda485ed55b8eda7ea641b7bad75441b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 7746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8M2RESvlIfoLbtHRVZeHipZFTEj4phF6EmD6NxrRdKvH1lfBBHZf3iKv_6G10fGa3wTch1P0gK3asFvcoXDhQDc7PJu8_wiEjcfnLWSHJrM9thZbd4egu9ps2c91mfMKiqVgrrXP2J9ysS9n0qWDfTRMWfOad__2rv2EJZ70Fd9IcQxuUvkUPKIBZ-ETBRjGNixqhfmePWifj6ByMses4DI4iqJU_cajlyApvNtiLTj0s-9QovfptG2gdlzetnFUi4uTE_ZMxq4gM-ZAyQi5AWNON69xyskX4_jZtgKsqZNqVMsfkr63dTpvH1xhO7CzrT_R3DDPbCgG6UMWUlXbfykLTdd60zoeSc5qERaJfLuLDB5WoGLxim6bBTQ2atrmveLt8NOqSDPtbsHH2GjLPvw1YqcdAhqlpCKSCGsae8UZOEZVD94-ERDf3U9CHoBhoATeCp7aZcWe2VYogqZmwp7LBCDBHJ18HeKv1BzOTAOHIldISPmlKYGVF0LMVupI6ix1MKtQ-_3FcVIXRCohXm_S-gPXFJkyqyhw6M2BIvnW6TRkC0iLKzBmWu1iuFUDheZIJT4D4CCMt0xsLLTwa2ZI7rcm4ybJsnYKn2aXKi51iG_uMsUgGX6G7PxAOTga5qcXWr9f6VScyyrbKsiWFkB8SHcvWSQRAZOTlGEno4aUixQelFbOs_SiYoEzjENg7p7tnlEO3EgywtuyWeCWhgYzYkhtysyH9mbSYwc-xBtJge3eyTksV64qiE7liyA2-fnw97SSapLXq6Cmgvz6ynIrUR9zc1L0O1QvhvTbyMZPGYPc3pWf8dNxVljh_PRerKfQjW5bRmr3x93m5UKdbVTbwv6qZZ0siy8gKlRQgFci0GYm0hM9AGZggf0aF8XFKRzmlwoxfVJEBTwyBv49m43odW_ZqBGSYfnoS1g30eLX_qNMiJ5zIOFFt2kqprbPWDGhfBRDsmji9xpJ0z4y9GeD_wnlqw_5bJY39O1yP6PryXuLcNI_et3BA1hrxE2PQjaPYviDFN1WkfdecSV0GpVvaV6mxZx7cmgZAKhcMZDuG8dcgd3oa2CVoC-7jVTAA1OdlmC0Q9CxtMrsMWLQMZ2elIP-tVI17h1laVR6to7DinrY7nSnlayXyS3Dck15bg8AvZKx9TkpAmekHz0w6yiu7B_vx7wEVivHBsGctE6CGVfnktbNV&sai=AMfl-YQ8DYUbOGxGb9-TS7p3va0dBtiu0XnhqOvGm2o4GfJpYNZxnkeMUtICkHAj8JCL3me_54uQ1_QvKf4zQYS95pqPAansq9HHHsBtIfIyJqhqSHSZr4iZzlkFqeFaBkgFnXR7o2cxPw&sig=Cg0ArKJSzEzEd1x3VR_QEAE&uach_m=[UACH]&pr=30:0.020035&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=82&vt=11&dtpt=81&dett=2&cstd=0&cisv=r20221110.66719&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Nov 2022 14:39:19 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 577A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
323995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 20:39:24 GMT
expires
Wed, 15 Nov 2023 20:39:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7746 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BB_gKl-p4Y87_DsSE7_UPg6Op8A8AAAAAOAHgBAI
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
gw.geoedge.be/api/ Frame 7746 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.231.111.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-111-174.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:19 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
pd
google-bidout-d.openx.net/w/1.0/ Frame E7BC 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 19 Nov 2022 14:39:19 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/ Frame D935 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dedd702fcd70b0af3e17e0c285c746ce6beef04b0f4a510097f805423e19b33
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
70689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1492
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:01:10 GMT
expires
Sat, 18 Nov 2023 19:01:10 GMT
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 99ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ceubjlup4Y736L8nh3gPovYv4DPqhgsFtwsGM6pAQ29keEAEgtJD6ImCVqpSCoAegAbnnk7YDyAEJ4AIAqAMByANIqgSOAk_Q6dOTfzanU-7otdoIPyRyzTufSKOwYdeIznqIl954FWmeGWgDHNXPwUp6cJ5fe1FyrFUoAhIHbjFziF9may3I_YRtnf8woJGn6m5v5E-iU9zqhliliyuE-YbjJtykFiybFuDriYfSS_EAGBP5pG2YFFq2ZajQ7r-5_cEO41YFGH2tOdMrdvdmNbpwKYMjZ_d1tTSvFGhhwSj_kfVVWXuyV8y48NxgMb0vPZZwzgt5mSw5i9uWdhUwnkJ604RWbRDBHy_SODYEd2_jWdYr3Z1QA_Za8MxRuVqNQ8hwxZbjyuvWr3QT4IyXE9quhUGljH9QFVK8dNC42GSqQdCeTCSojLdUIk7bxtIvdqSA5MAEvs_9_4wE4AQBkgUECAQYAZIFBAgFGASgBi6AB6-Y7EmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDfmwjSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0yODI5NDExMzk5NzYyNDg3GNyKFQ&sigh=ttLChHKQiao&uach_m=[UACH]&cid=CAQSTADq26N9NZ1exwy5n2bfGLzXBMkxGFN1nG8pRiJGpAhh_v00pO-ev_54oVxzD54NB7JL-K3ckJljXpD6Kfn-BPbpjIpH2cMauKQdF5kYASAT&template_id=419
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 99ED 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 99ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 14:10:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 99ED 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 99ED 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 14:39:19 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 577A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 12:06:41 GMT
event
event.insticator.com/v1/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/77e4a266-5c73-4bbf-a4bc-eb987e1853a4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.81.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-81-40.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:19 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forum.killerfrogs.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forum.killerfrogs.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1484167545845524&correlator=2983847277450567&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=2507246%2Ckillerfrogs.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C320x50%7C320x100%7C336x280&ifi=4&adks=2769806989&sfv=1-0-40&prev_scp=h%3D14%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dforum.killerfrogs.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=pub%3Dforum.killerfrogs.com%26path%3D%252F%26didna_version%3D4%26ip%3D0%26he%3D0&sc=1&cookie=ID%3D82b8ce1dd093e46b%3AT%3D1668868758%3AS%3DALNI_Mb4KlfOZxHHkm5oIZqkfr2YzSS0Zg&gpic=UID%3D00000b840e1dcc2a%3AT%3D1668868758%3ART%3D1668868758%3AS%3DALNI_MaTaypLWEmU7PFg4y_kuGSm8B6PCQ&abxe=1&dt=1668868759618&lmt=1668868756&dlt=1668868756920&idt=1346&adxs=228&adys=1692&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&frm=20&vis=1&psz=920x560&msz=336x-1&fws=4&ohw=1600&ga_vid=1373169964.1668868758&ga_sid=1668868759&ga_hid=1758097621&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y87_RgskwSABSAghvEhsKDGlkNS1zeW5jLmNvbRiyvdGCyTBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8u9GCyTBIAFICCGQSGQoKcHViY2lkLm9yZxj8u9GCyTBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_LvRgskwSABSAghkEj4KBW9wZW54EixleUpwSWpvaVFsbG1MMjFqU25OVWIzVm1kRVF6Tmxsb1JrRlVVVDA5SW4wPRjOv9GCyTBIABLWAQoIcnRiaG91c2USwAF5WVFjVEZKRTZjMmlzMENndFI5ZktzSHlwNG9yWXNCQTdMUEYrTUExdmdUUUNsRC9yTHl2ZXRaWkE0OE1uWDI3MVlKUVAyTXVGMjd6UFprV0I2UnQ0cDdMMlMvYStSSm1QLzFHaGo3bTMzeVNVM2gySThJWHNUSklLV0RRb3RkTFRobUJ4YUIxaUNHOHZoOVF0YXoxeVFCRWM4NG0vbXpJYmlFTlIzQVh0N1UxUU40RlFYNERac3FLQ3VKdVJ3bUgY1b7RgskwSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e0c13c5813bcd58a3e56ece922a8b91a3a581a9b712374265a2c7ed57090f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12057
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1484167545845524&correlator=2247878467536817&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=2507246%2Ckillerfrogs.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C320x50%7C320x100%7C336x280&ifi=5&adks=926397566&sfv=1-0-40&prev_scp=h%3D14%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dforum.killerfrogs.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=pub%3Dforum.killerfrogs.com%26path%3D%252F%26didna_version%3D4%26ip%3D0%26he%3D0&sc=1&cookie=ID%3D82b8ce1dd093e46b%3AT%3D1668868758%3AS%3DALNI_Mb4KlfOZxHHkm5oIZqkfr2YzSS0Zg&gpic=UID%3D00000b840e1dcc2a%3AT%3D1668868758%3ART%3D1668868758%3AS%3DALNI_MaTaypLWEmU7PFg4y_kuGSm8B6PCQ&abxe=1&dt=1668868759621&lmt=1668868756&dlt=1668868756920&idt=1346&adxs=228&adys=1972&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&frm=20&vis=1&psz=920x560&msz=336x-1&fws=4&ohw=1600&ga_vid=1373169964.1668868758&ga_sid=1668868759&ga_hid=1758097621&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y87_RgskwSABSAghvEhsKDGlkNS1zeW5jLmNvbRiyvdGCyTBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8u9GCyTBIAFICCGQSGQoKcHViY2lkLm9yZxj8u9GCyTBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y_LvRgskwSABSAghkEj4KBW9wZW54EixleUpwSWpvaVFsbG1MMjFqU25OVWIzVm1kRVF6Tmxsb1JrRlVVVDA5SW4wPRjOv9GCyTBIABLWAQoIcnRiaG91c2USwAF5WVFjVEZKRTZjMmlzMENndFI5ZktzSHlwNG9yWXNCQTdMUEYrTUExdmdUUUNsRC9yTHl2ZXRaWkE0OE1uWDI3MVlKUVAyTXVGMjd6UFprV0I2UnQ0cDdMMlMvYStSSm1QLzFHaGo3bTMzeVNVM2gySThJWHNUSklLV0RRb3RkTFRobUJ4YUIxaUNHOHZoOVF0YXoxeVFCRWM4NG0vbXpJYmlFTlIzQVh0N1UxUU40RlFYNERac3FLQ3VKdVJ3bUgY1b7RgskwSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73e87dab02f32f782b57b23c32cc348e84b75574fbc195e0d3827c8ac148c11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12831
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.js
cdn1.opstag.com/13437/ Frame A84E 		314 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/13437/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fc5ccd0c7ae2df02b1908c49930405beb859f24ddce2a2e48491d1aada4f6ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 13:21:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"73b80f35652618c5855345100627b7cb"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
97833
x-amz-cf-id
FaWPgYempIH7SrIxsSQDCxKdD9toiPe4Sj_8-McxoG9wNTgGPdJi1w==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame A84E 		201 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e02f606f1a329fbb0ce608b5f6524a3b274236ca2bf93abbca1b6275fbed308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 15:56:29 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=75480
accept-ranges
bytes
content-length
62867
expires
Sun, 20 Nov 2022 11:37:19 GMT
placement.js
cdn1.opstag.com/13437/ Frame A84E 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/13437/placement.js?cb=1668868759631
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09269f843abd919aaa48f9e28317653b8bcf16101e44d39ae4a2df3d5f277ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 13:21:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"6df73bd3883754dbd3f19eb23eafbc69"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9116
x-amz-cf-id
cwTOwKCT4LqTYrWTYq72mG8v7GyutmBMlRneiJiBbPgwUSqM0XzXTg==
ad
pubads.g.doubleclick.net/gampad/
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/sportspublishinggroup/killerfrogs-13437-728x90-ads-desktop-pixel&sz=1x1&t=&c=5497310047
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/sportspublishinggroup/killerfrogs-13437-728x90-ads-desktop-pixel&sz=1x1&t=&c=5497310047&pre=1
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/sportspublishinggroup/killerfrogs-13437-728x90-ads-desktop-pixel&sz=1x1&t=&c=5497310047&pre=1
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
server
cafe
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/sportspublishinggroup/killerfrogs-13437-728x90-ads-desktop-pixel&sz=1x1&t=&c=5497310047&pre=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame CB76
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date
Sat, 19 Nov 2022 14:39:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
7960175562554483439
tpc.googlesyndication.com/simgad/ Frame CB76 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7960175562554483439?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkHl2wixVyhc-bVG3UBHzV3na_qdA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
779492801aef3d3c171e9b2745cda7f70a96d7c786c5ffa423210921241d7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 10:16:48 GMT
x-content-type-options
nosniff
age
102151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40364
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 07:34:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 10:16:48 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CB76 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 09:39:53 GMT
x-content-type-options
nosniff
server
cafe
age
17966
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 20 Nov 2022 09:39:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CB76 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 23:28:16 GMT
x-content-type-options
nosniff
server
cafe
age
54663
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 19 Nov 2022 23:28:16 GMT
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.81.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-81-40.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://forum.killerfrogs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://forum.killerfrogs.com
access-control-max-age
3600
content-length
0
date
Sat, 19 Nov 2022 14:39:19 GMT
vary
Origin
s
googleads.g.doubleclick.net/pagead/drt/ Frame CBB4 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 13:55:47 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 99ED 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e016a0537ef72711d185b445b334512a4b80e1159cfb5afa96c4d6f54e160ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
init
gw.geoedge.be/api/ Frame 99ED 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.231.111.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-111-174.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:19 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D935 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5219
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 20 Nov 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D935 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
67573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 19 Nov 2022 19:53:06 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D935 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Nov 2022 14:39:19 GMT
728x90.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/ Frame D935 		66 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/728x90.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
233b7171d71c482f12be2d6a2554f344b651cfb17c310609b8f56196ae7cc14a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 19:01:10 GMT
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8686
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:10 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame A84E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27247
x-xss-protection
0
server
sffe
etag
"1396 / 132 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Nov 2022 14:39:19 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CBB4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:20 GMT
expires
Sat, 19 Nov 2022 14:39:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
beacon
ap.lijit.com/ Frame 302A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13385103&gdpr_consent=&us_privacy=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sat, 19 Nov 2022 14:39:19 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
background_white.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/background_white.jpg
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41c17ece134a5fe799904749683926dd366ea41a6fb68f0116cf1898469c78d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:10 GMT
x-content-type-options
nosniff
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8379
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:10 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame A84E 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Nov 2023 14:09:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame A84E 		237 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forum.killerfrogs.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0be42d68cd1377aba7b8f73b328c06a52c3cecdc188ad519081fbac469a17f36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119
x-xss-protection
0
expires
Sat, 19 Nov 2022 14:39:19 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame D935 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 12:06:41 GMT
banshee.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/banshee.png
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7092dcab076f8d23a8607eedf7992f483bccf0942b0cd33048b739c338127db
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:10 GMT
x-content-type-options
nosniff
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45177
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:10 GMT
/
servedby.flashtalking.com/imp/1/192772;6908103;201;js;Captify;DemandCreationCreativeCloudChannelExpansion2022Q4DEDisplayCaptifyCyberMondayTargetedLeaderboard728x90MultiSBDM728x90/ Frame 0049 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/192772;6908103;201;js;Captify;DemandCreationCreativeCloudChannelExpansion2022Q4DEDisplayCaptifyCyberMondayTargetedLeaderboard728x90MultiSBDM728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=forum.killerfrogs.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=212148.76371691527
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.218.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-105.deploy.static.akamaitechnologies.com
Software
prod-xre-app23.frk11 /
Resource Hash
dd692c1a3c4f7627b7afd2f900fb7be320d8d53a86e156eacf4fe5d38451af27
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app23.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
688
Expires
Sat, 19 Nov 2022 14:39:20 GMT
jload
pixel.adsafeprotected.com/ Frame 0049 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931236&advId=4579798&campId=19205235&pubId=3251&chanId=0&placementId=396308567&dealId=0&planId=26571318&adsafe_par&bidurl=forum.killerfrogs.com&bidPr=0.34&uId=&impId=8332597031905138613&respID=0
Requested by
Host: lax1-ib.adnxs-simple.com
URL: https://lax1-ib.adnxs-simple.com/ab?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QLFDmxFBwAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF4ASo2CcT1KFyPwtU_EVqGONbFbdA_GQAAAKBwPR1AIRESBCnDDSTYMQAAAOB6FPI_MLbk1Qw4sxlA2AhIAlDX4Py8AVjF0okBYABoyo6hAXjO5QOAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDQ1Nzk3OTgsIDApOwEULGknLCA3Njg4MjEzLBEULGcnLCAxOTIwNTIzNRUVLGMnLCA1NDE3MTM0MhUVMHInLCAzOTYzMDg1NjcFFvCQkgKpBSFRNG5kX2dqT3Jlb1pFTmZnX0x3QkdBQWd4ZEtKQVRBQk9BQkFBRWpZQ0ZDMjVOVU1XQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZWVvNGhLUXd0VV93UUhucU9JU2tNTFZQOGtCQUFBQUFBQUE4RF9aQVFBQQUPdFBBXzRBR1ZvTlVEOVFIRDlUQkFtQUlBb0FJQ3RRSQUjAHYNCPC8d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMdWt5U1lRQkJnQkxSQWRmem1pQXhNSWthbkRKUkFLR0FFdHRQYUVQeklEZFc1cnVnTUpURUZZTVRvMU9UWXc0QVBsTDRBRTRkTzBDWWdFNHRPMENaQUVBSmdFQkxJRUNnalJoZUVNRU1fVW9RMnlCQW9JMDVMYURCRFAxS0VOdWdRYUNJVUVFUUFBQUFBQUFOQV9HEQxYQUFBSUtmMTVRNjZCQm9JbmdrUm1wbVoBAgx5VDhaASANATBnMFlYaERNRUV6Y3pNAQIQM0RfSkINHQEBFDJBUUE4US5ZABhnRnlDNnBCERMUUEFfc1FVASsJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmRDSkF2QUY4NWlVQ2ZnRjFzT1hBb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdBQUEFAixCRUNvQmdTeUJpUUoFEQkBAFIJBwUBLuwAAGgFEgUBREM0QmdvLpoCmQEhS2hoWkVBajatAixNWFNpUUVnQUNnQU0R6VRBUkFPZ2xNUVZneE9qVTVOakJBNVM5FXkIOEQ5HXkAQh15CEJoejVdBDlwBYAFAQRCeAUHBQFBaABrNXjwSThEOC6yAgEw2AKkQ-AC6vkl6gIVZm9ydW0ua2lsbGVyZnJvZ3MuY29t8gIRCgZBRFZfSUQSBzQ1Nzk3OTjyAhIKBkNQR19JRBIIccgY8gIKCgVDUAEoOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAAHgkgLENPREUSEjAwMThkMAEBPDduYVdQQUFZ8gInCghDUEcJIQwbYTFuDSFcMHVENWJBQUVEaXNjb3ZlcnnyAgsKB0NQCSkcAPICEAoFSU8BhgAHjXYY8gIdCgdJTwkhABJGSgBA8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCLATCAAwGIAwCQAwCYAxSgAwGqAwDAA6wCyAMA2AP7iQbgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAo4MS45NS41LjMwqATPTbIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjExMTIjTEFYMTo1OTYw2gQCCAHgBADwBNfg_LwBiAUBmAUAoAXRP_BA_wGqBSpiYTdlNDk1MS1iMTM2LTQ5MzAtOGI5Zi1kNTZmYzk2OTg1OGR-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAFDHAAANgFAeAFAfAFBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=c9722f410fe077db462b7e95b9d1f6ddb3de969e&pp=0.2567
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.104.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-104-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
95a82e52ecb4f70efc18df7bbd7533ca9a583888ca6991a4d71770902fc3022a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rd_log
lax1-ib.adnxs-simple.com/ Frame 0049 		0
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QLFDmxFBwAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF8ASo2CcL1KFyPwtU_EVmGONbFbdA_GQAAAKBwPR1AIVoNEgQpww0k2DEAAADgehTyPzC25NUMOLMZQNgISAJQ1-D8vAFYxdKJAWAAaMqOoQF4zuUDgAEBigEDVVNEkgEBBuCYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA0NTc5Nzk4LCAwKTsBFCxpJywgNzY4ODIxMywRFCxnJywgMTkyMDUyMzUVFSxjJywgNTQxNzEzNDIVFTByJywgMzk2MzA4NTY3BRbwkJICqQUhUTRuZF9nak9yZW9aRU5mZ19Md0JHQUFneGRLSkFUQUJPQUJBQUVqWUNGQzI1TlVNV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QWVlbzRoS1F3dFVfd1FIbnFPSVNrTUxWUDhrQkFBQUFBQUFBOERfWkFRQUEFD3RQQV80QUdWb05VRDlRSEQ5VEJBbUFJQW9BSUN0UUkFIwB2DQjwvHdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTU9DTHVreVNZUUJCZ0JMUkFkZnptaUF4TUlrYW5ESlJBS0dBRXR0UGFFUHpJRGRXNXJ1Z01KVEVGWU1UbzFPVFl3NEFQbEw0QUU0ZE8wQ1lnRTR0TzBDWkFFQUpnRUJMSUVDZ2pSaGVFTUVNX1VvUTJ5QkFvSTA1TGFEQkRQMUtFTnVnUWFDSVVFRVFBQUFBQUFBTkFfRxEMWEFBQUlLZjE1UTY2QkJvSW5na1JtcG1aAQIMeVQ4WgEgDQEwZzBZWGhETUVFemN6TQECEDNEX0pCDR0BARQyQVFBOFEuWQAYZ0Z5QzZwQhETFFBBX3NRVQErCQEITUVGCQkBAQRESi4oAAAwLigABE5rFSjIOERfZ0JkQ0pBdkFGODVpVUNmZ0Yxc09YQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHQUFBBQIsQkVDb0JnU3lCaVFKBREJAQBSCQcFAS7sAABoBRIFAURDNEJnby6aApkBIUtoaFpFQWo2rQIsTVhTaVFFZ0FDZ0FNEelUQVJBT2dsTVFWZ3hPalU1TmpCQTVTORV5CDhEOR15AEIdeQhCaHo1XQQ5cAWABQEEQngFBwUBQWgAazV48Ek4RDgusgIBMNgCpEPgAur5JeoCFWZvcnVtLmtpbGxlcmZyb2dzLmNvbfICEQoGQURWX0lEEgc0NTc5Nzk48gISCgZDUEdfSUQSCHHIGPICCgoFQ1ABKDgBMPICDQoIQURWX0ZSRVEREBxSRU1fVVNFUgUQAB4JICxDT0RFEhIwMDE4ZDABATw3bmFXUEFBWfICJwoIQ1BHCSEMG2Exbg0hXDB1RDViQUFFRGlzY292ZXJ58gILCgdDUAkpHADyAhAKBUlPAYYAB412GPICHQoHSU8JIQASRkoAQPICEwoPQ1VTVE9NX01PREVMAT0UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3wiwEwgAMBiAMAkAMAmAMUoAMBqgMAwAOsAsgDANgD-4kG4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQKODEuOTUuNS4zMKgEz02yBAwIABAAGAAgADAAOAK4BADABADIBADSBA4xMTEyI0xBWDE6NTk2MNoEAggB4AQA8ATX4Py8AYgFAZgFAKAF0T_wQP8BqgUqYmE3ZTQ5NTEtYjEzNi00OTMwLThiOWYtZDU2ZmM5Njk4NThkfjg4M34xwAUAyQUAAAAAAADwP9IFCQkABQxwAADYBQHgBQHwBQX6BQQIABAAkAYAmAYAuAYAwQYJIijwP9AGvwPaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUgN4Sy6BkAAyAfO5QPSBw0VdAE4CNoHBgknYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=2c3f1c19fb4b4264c2b76e5757ba91ea53bf3374&bdref=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist,about%3Ablank&
Requested by
Host: lax1-ib.adnxs-simple.com
URL: https://lax1-ib.adnxs-simple.com/ab?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QLFDmxFBwAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF4ASo2CcT1KFyPwtU_EVqGONbFbdA_GQAAAKBwPR1AIRESBCnDDSTYMQAAAOB6FPI_MLbk1Qw4sxlA2AhIAlDX4Py8AVjF0okBYABoyo6hAXjO5QOAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDQ1Nzk3OTgsIDApOwEULGknLCA3Njg4MjEzLBEULGcnLCAxOTIwNTIzNRUVLGMnLCA1NDE3MTM0MhUVMHInLCAzOTYzMDg1NjcFFvCQkgKpBSFRNG5kX2dqT3Jlb1pFTmZnX0x3QkdBQWd4ZEtKQVRBQk9BQkFBRWpZQ0ZDMjVOVU1XQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZWVvNGhLUXd0VV93UUhucU9JU2tNTFZQOGtCQUFBQUFBQUE4RF9aQVFBQQUPdFBBXzRBR1ZvTlVEOVFIRDlUQkFtQUlBb0FJQ3RRSQUjAHYNCPC8d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMdWt5U1lRQkJnQkxSQWRmem1pQXhNSWthbkRKUkFLR0FFdHRQYUVQeklEZFc1cnVnTUpURUZZTVRvMU9UWXc0QVBsTDRBRTRkTzBDWWdFNHRPMENaQUVBSmdFQkxJRUNnalJoZUVNRU1fVW9RMnlCQW9JMDVMYURCRFAxS0VOdWdRYUNJVUVFUUFBQUFBQUFOQV9HEQxYQUFBSUtmMTVRNjZCQm9JbmdrUm1wbVoBAgx5VDhaASANATBnMFlYaERNRUV6Y3pNAQIQM0RfSkINHQEBFDJBUUE4US5ZABhnRnlDNnBCERMUUEFfc1FVASsJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmRDSkF2QUY4NWlVQ2ZnRjFzT1hBb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdBQUEFAixCRUNvQmdTeUJpUUoFEQkBAFIJBwUBLuwAAGgFEgUBREM0QmdvLpoCmQEhS2hoWkVBajatAixNWFNpUUVnQUNnQU0R6VRBUkFPZ2xNUVZneE9qVTVOakJBNVM5FXkIOEQ5HXkAQh15CEJoejVdBDlwBYAFAQRCeAUHBQFBaABrNXjwSThEOC6yAgEw2AKkQ-AC6vkl6gIVZm9ydW0ua2lsbGVyZnJvZ3MuY29t8gIRCgZBRFZfSUQSBzQ1Nzk3OTjyAhIKBkNQR19JRBIIccgY8gIKCgVDUAEoOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAAHgkgLENPREUSEjAwMThkMAEBPDduYVdQQUFZ8gInCghDUEcJIQwbYTFuDSFcMHVENWJBQUVEaXNjb3ZlcnnyAgsKB0NQCSkcAPICEAoFSU8BhgAHjXYY8gIdCgdJTwkhABJGSgBA8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCLATCAAwGIAwCQAwCYAxSgAwGqAwDAA6wCyAMA2AP7iQbgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAo4MS45NS41LjMwqATPTbIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjExMTIjTEFYMTo1OTYw2gQCCAHgBADwBNfg_LwBiAUBmAUAoAXRP_BA_wGqBSpiYTdlNDk1MS1iMTM2LTQ5MzAtOGI5Zi1kNTZmYzk2OTg1OGR-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAFDHAAANgFAeAFAfAFBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=c9722f410fe077db462b7e95b9d1f6ddb3de969e&pp=0.2567
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
AN-X-Request-Uuid
74cc4bab-8690-4768-8ec5-32464a30b4f4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
lax1-ib.adnxs-simple.com/ Frame 0049 		0
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lax1-ib.adnxs-simple.com/it?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QL_C2z_BQAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF8ASo2CcL1KFyPwtU_EVmGONbFbdA_GQAAAKBwPR1AIVoNEgQpww0k2DEAAADgehTyPzC25NUMOLMZQNgISAJQ1-D8vAFYxdKJAWAAaMqOoQF4zuUDgAEBigEDVVNEkgEBBuCYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA0NTc5Nzk4LCAwKTsBFCxpJywgNzY4ODIxMywRFCxnJywgMTkyMDUyMzUVFSxjJywgNTQxNzEzNDIVFTByJywgMzk2MzA4NTY3BRbwkJICqQUhUTRuZF9nak9yZW9aRU5mZ19Md0JHQUFneGRLSkFUQUJPQUJBQUVqWUNGQzI1TlVNV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QWVlbzRoS1F3dFVfd1FIbnFPSVNrTUxWUDhrQkFBQUFBQUFBOERfWkFRQUEFD3RQQV80QUdWb05VRDlRSEQ5VEJBbUFJQW9BSUN0UUkFIwB2DQjwvHdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTU9DTHVreVNZUUJCZ0JMUkFkZnptaUF4TUlrYW5ESlJBS0dBRXR0UGFFUHpJRGRXNXJ1Z01KVEVGWU1UbzFPVFl3NEFQbEw0QUU0ZE8wQ1lnRTR0TzBDWkFFQUpnRUJMSUVDZ2pSaGVFTUVNX1VvUTJ5QkFvSTA1TGFEQkRQMUtFTnVnUWFDSVVFRVFBQUFBQUFBTkFfRxEMWEFBQUlLZjE1UTY2QkJvSW5na1JtcG1aAQIMeVQ4WgEgDQEwZzBZWGhETUVFemN6TQECEDNEX0pCDR0BARQyQVFBOFEuWQAYZ0Z5QzZwQhETFFBBX3NRVQErCQEITUVGCQkBAQRESi4oAAAwLigABE5rFSjIOERfZ0JkQ0pBdkFGODVpVUNmZ0Yxc09YQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHQUFBBQIsQkVDb0JnU3lCaVFKBREJAQBSCQcFAS7sAABoBRIFAURDNEJnby6aApkBIUtoaFpFQWo2rQIsTVhTaVFFZ0FDZ0FNEelUQVJBT2dsTVFWZ3hPalU1TmpCQTVTORV5CDhEOR15AEIdeQhCaHo1XQQ5cAWABQEEQngFBwUBQWgAazV48LY4RDgusgIBMNgCpEPgAur5JeoCFWZvcnVtLmtpbGxlcmZyb2dzLmNvbYADAYgDAJADAJgDFKADAaoDAMADrALIAwDYA_uJBuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECjgxLjk1LjUuMzCoBM9NsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMTExMiNMQVgxOjU5NjDaBAIIAeAEAPAE1-D8vAGIBQGYBQCgBf____-F_dABqgUqYmE3ZTQ5NTEtYjEzNi00OTMwLThiOWYtZDU2ZmM5Njk4NThkfjg4M34xwAUAyQUAAAECFPA_0gUJCQEKAQEs2AUB4AUB8AUF-gUEAZkokAYAmAYAuAYAwQYBHzAAAPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=eb45237a3524c1e81d594b90bdf7665041cfb3a5
Requested by
Host: lax1-ib.adnxs-simple.com
URL: https://lax1-ib.adnxs-simple.com/ab?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QLFDmxFBwAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF4ASo2CcT1KFyPwtU_EVqGONbFbdA_GQAAAKBwPR1AIRESBCnDDSTYMQAAAOB6FPI_MLbk1Qw4sxlA2AhIAlDX4Py8AVjF0okBYABoyo6hAXjO5QOAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDQ1Nzk3OTgsIDApOwEULGknLCA3Njg4MjEzLBEULGcnLCAxOTIwNTIzNRUVLGMnLCA1NDE3MTM0MhUVMHInLCAzOTYzMDg1NjcFFvCQkgKpBSFRNG5kX2dqT3Jlb1pFTmZnX0x3QkdBQWd4ZEtKQVRBQk9BQkFBRWpZQ0ZDMjVOVU1XQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZWVvNGhLUXd0VV93UUhucU9JU2tNTFZQOGtCQUFBQUFBQUE4RF9aQVFBQQUPdFBBXzRBR1ZvTlVEOVFIRDlUQkFtQUlBb0FJQ3RRSQUjAHYNCPC8d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMdWt5U1lRQkJnQkxSQWRmem1pQXhNSWthbkRKUkFLR0FFdHRQYUVQeklEZFc1cnVnTUpURUZZTVRvMU9UWXc0QVBsTDRBRTRkTzBDWWdFNHRPMENaQUVBSmdFQkxJRUNnalJoZUVNRU1fVW9RMnlCQW9JMDVMYURCRFAxS0VOdWdRYUNJVUVFUUFBQUFBQUFOQV9HEQxYQUFBSUtmMTVRNjZCQm9JbmdrUm1wbVoBAgx5VDhaASANATBnMFlYaERNRUV6Y3pNAQIQM0RfSkINHQEBFDJBUUE4US5ZABhnRnlDNnBCERMUUEFfc1FVASsJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmRDSkF2QUY4NWlVQ2ZnRjFzT1hBb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdBQUEFAixCRUNvQmdTeUJpUUoFEQkBAFIJBwUBLuwAAGgFEgUBREM0QmdvLpoCmQEhS2hoWkVBajatAixNWFNpUUVnQUNnQU0R6VRBUkFPZ2xNUVZneE9qVTVOakJBNVM5FXkIOEQ5HXkAQh15CEJoejVdBDlwBYAFAQRCeAUHBQFBaABrNXjwSThEOC6yAgEw2AKkQ-AC6vkl6gIVZm9ydW0ua2lsbGVyZnJvZ3MuY29t8gIRCgZBRFZfSUQSBzQ1Nzk3OTjyAhIKBkNQR19JRBIIccgY8gIKCgVDUAEoOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAAHgkgLENPREUSEjAwMThkMAEBPDduYVdQQUFZ8gInCghDUEcJIQwbYTFuDSFcMHVENWJBQUVEaXNjb3ZlcnnyAgsKB0NQCSkcAPICEAoFSU8BhgAHjXYY8gIdCgdJTwkhABJGSgBA8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCLATCAAwGIAwCQAwCYAxSgAwGqAwDAA6wCyAMA2AP7iQbgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAo4MS45NS41LjMwqATPTbIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjExMTIjTEFYMTo1OTYw2gQCCAHgBADwBNfg_LwBiAUBmAUAoAXRP_BA_wGqBSpiYTdlNDk1MS1iMTM2LTQ5MzAtOGI5Zi1kNTZmYzk2OTg1OGR-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAFDHAAANgFAeAFAfAFBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=c9722f410fe077db462b7e95b9d1f6ddb3de969e&pp=0.2567
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
AN-X-Request-Uuid
80fb6fdf-5520-4f69-874b-ec86067855d7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs-simple.com/v/s/230/ Frame 0049 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs-simple.com/v/s/230/trk.js
Requested by
Host: lax1-ib.adnxs-simple.com
URL: https://lax1-ib.adnxs-simple.com/ab?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QLFDmxFBwAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF4ASo2CcT1KFyPwtU_EVqGONbFbdA_GQAAAKBwPR1AIRESBCnDDSTYMQAAAOB6FPI_MLbk1Qw4sxlA2AhIAlDX4Py8AVjF0okBYABoyo6hAXjO5QOAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDQ1Nzk3OTgsIDApOwEULGknLCA3Njg4MjEzLBEULGcnLCAxOTIwNTIzNRUVLGMnLCA1NDE3MTM0MhUVMHInLCAzOTYzMDg1NjcFFvCQkgKpBSFRNG5kX2dqT3Jlb1pFTmZnX0x3QkdBQWd4ZEtKQVRBQk9BQkFBRWpZQ0ZDMjVOVU1XQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUUtvQVFLd0FRQzVBZWVvNGhLUXd0VV93UUhucU9JU2tNTFZQOGtCQUFBQUFBQUE4RF9aQVFBQQUPdFBBXzRBR1ZvTlVEOVFIRDlUQkFtQUlBb0FJQ3RRSQUjAHYNCPC8d0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQmdBTUJtQU1Cb2dNT0NMdWt5U1lRQkJnQkxSQWRmem1pQXhNSWthbkRKUkFLR0FFdHRQYUVQeklEZFc1cnVnTUpURUZZTVRvMU9UWXc0QVBsTDRBRTRkTzBDWWdFNHRPMENaQUVBSmdFQkxJRUNnalJoZUVNRU1fVW9RMnlCQW9JMDVMYURCRFAxS0VOdWdRYUNJVUVFUUFBQUFBQUFOQV9HEQxYQUFBSUtmMTVRNjZCQm9JbmdrUm1wbVoBAgx5VDhaASANATBnMFlYaERNRUV6Y3pNAQIQM0RfSkINHQEBFDJBUUE4US5ZABhnRnlDNnBCERMUUEFfc1FVASsJAQhNRUYJCQEBBERKLigAADAuKAAETmsVKMg4RF9nQmRDSkF2QUY4NWlVQ2ZnRjFzT1hBb0lHQTFWVFJJZ0dCSkFHQVpnR0FLRUdBQUEFAixCRUNvQmdTeUJpUUoFEQkBAFIJBwUBLuwAAGgFEgUBREM0QmdvLpoCmQEhS2hoWkVBajatAixNWFNpUUVnQUNnQU0R6VRBUkFPZ2xNUVZneE9qVTVOakJBNVM5FXkIOEQ5HXkAQh15CEJoejVdBDlwBYAFAQRCeAUHBQFBaABrNXjwSThEOC6yAgEw2AKkQ-AC6vkl6gIVZm9ydW0ua2lsbGVyZnJvZ3MuY29t8gIRCgZBRFZfSUQSBzQ1Nzk3OTjyAhIKBkNQR19JRBIIccgY8gIKCgVDUAEoOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAAHgkgLENPREUSEjAwMThkMAEBPDduYVdQQUFZ8gInCghDUEcJIQwbYTFuDSFcMHVENWJBQUVEaXNjb3ZlcnnyAgsKB0NQCSkcAPICEAoFSU8BhgAHjXYY8gIdCgdJTwkhABJGSgBA8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCLATCAAwGIAwCQAwCYAxSgAwGqAwDAA6wCyAMA2AP7iQbgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAo4MS45NS41LjMwqATPTbIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjExMTIjTEFYMTo1OTYw2gQCCAHgBADwBNfg_LwBiAUBmAUAoAXRP_BA_wGqBSpiYTdlNDk1MS1iMTM2LTQ5MzAtOGI5Zi1kNTZmYzk2OTg1OGR-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAFDHAAANgFAeAFAfAFBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=c9722f410fe077db462b7e95b9d1f6ddb3de969e&pp=0.2567
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 09:56:48 GMT
Server
AkamaiNetStorage
ETag
"058fa2042959b529aeb940fcab36a18f:1668074208.514848"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27458
Expires
Sun, 19 Nov 2023 14:39:20 GMT
border.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/border.png
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80ec12244ed94cb36ab7bc54c9fec4bd8658e7f7ad9b89fc552f091ae1f83735
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:10 GMT
x-content-type-options
nosniff
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4025
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:10 GMT
clouds.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/clouds.jpg
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8e7bb6c9ab7b3caf5c199cd272ee4243eb41d488e24066003ce6b1ee2744a6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:10 GMT
x-content-type-options
nosniff
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4533
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 577A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB_gKl-p4Y87_DsSE7_UPg6Op8A8AAAAAOAHgBAI&bg=!dHeldzPNAAbvMpMzzzI7ACkAdvg8Wqcy-5UvRXYksvTH0CKVBeJueZuveQ-CLag50OqFpr9X4Y2xGwIAAACpUgAAAAJoAQcKAGnQ5xGNH2RukhDbgMqREMWYGZ1tIHVeNZJBBQWyLOSVmMCAstZTFw9D8xh0W2UZ-efr5x57Opgyc9yZkoTm-6ffP2pKY5YhmRS9HOyUG7gCYgroDbfSJA3lzkybC2flFcgiZwNPGwQEVHGZAwGXZYKmcC7mu1lYNmdVrP_CaZrm9tebeS6WxI10MJlIO3-_xDKOFM5wDldIY0ThqTRXhNGP_OllBm94sVa-2zqLwTAWpPNyRINphZv-aNfZOM-PfaFK8-VZIoY1T07eYqwKyH0GGsodr6mS1Uf5arvFrx82v2ODpzLFdoYrQY-fRMZqyQYiAQHT8sUG0WSED7_RY7iLri-ShSvR1PM6AcaZwGrT9uZZwZvsBLEavpQhMuyaoHp48uL-oi931G2NPEanCohYBrwGm5aOD65aENATaUIy8dN51jN-gfHaDrftckxpB9ByHM-ZMQlW6kewStWbS_0-QjXqhmul8RFLF3shwKxPsUaCWTN5riCxDJU-0_lujM1JH8FP2-h-BosWWxyPNsf2kzsxNRKy7hPk273BOVuZzKrjdkaDWspo1vozC_c71Ol93w_I777FfU7THc3yH1f1heSahtRF4VDKtviPDz03uazAtdXq64PPmFhjEQDr9arlWfMOSbKExdpLR35n2lY5ULz1xm_e8Mv2CfJKiT2ToH3DdonHRADUUW_9BHBnclZoCJnGlrF5W5OpbzFM8-olxO_LABWkac23eZF9BBDZ-xEXYa3Yu8C_5VtjNJQRd1uuvZqZ_W4iMQsClN2XQpUOOFgKvdVdo020sR2oRWUKfQdWoR0Ikw5QwD1ShOOrabozjhxrNoub602GVYcedq1lUBRCKlkFa7XkouGLfRPQokmNbljLnNoVChoSxjB71dVGiZxVtXRIxJMBgIpinkHwU7g-3HimN0ekEuD2vT5bGuS1NmiX45Nkmf12oeuAK1xB5bz5FVxMOVkblyZOfT8j6iJuMnYo_kHvlU5vVrbjbgRjy4IzXWPXO353TPBZK7KL_OKDkjQtD7mbqeWw2u6hBHSL9t3M8iPGUWpR6HWtDB8SvNUPYvPAfLgPtbobuWDVSqwwJmGHTyh3qE_aiPQ8gqWbxx3SFicRmPHpcGADmQpEa9qbimGKDYn8G6_Qyw-x48O5-3TcQv6DV483
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kv.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/kv.jpg
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
354551f6fb654f3f9276f834f95e8a20271596d12602ed2f52cfb1c841b5af4e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:11 GMT
x-content-type-options
nosniff
age
70688
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11537
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:11 GMT
EN_ESRB.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/EN_ESRB.png
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adc77dab95ccc11d4fa80196004e854ace6e2b01ca5d7bebe59b7d7c74ddd3eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:11 GMT
x-content-type-options
nosniff
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22671
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:11 GMT
j-6908103-4110845.js
cdn.flashtalking.com/xre/690/6908103/4110845/js/ Frame 0049 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/690/6908103/4110845/js/j-6908103-4110845.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/192772;6908103;201;js;Captify;DemandCreationCreativeCloudChannelExpansion2022Q4DEDisplayCaptifyCyberMondayTargetedLeaderboard728x90MultiSBDM728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=forum.killerfrogs.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=212148.76371691527
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
66ed1607765163ed7deef71e85e02dbfee8c9002fe111f635431619977819a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 10:54:57 GMT
Server
Flashtalking (AKA)
ETag
W/"4cdc800e7bca4d732890c618866eac35"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-Varnish
565250225
Cache-Control
max-age=1086
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13644
Expires
Sat, 19 Nov 2022 14:57:26 GMT
shadow.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/shadow.jpg
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1e19a8e708dcbc47d0945c6967fd01890d6320db36395d9bda43e13617e03d4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:11 GMT
x-content-type-options
nosniff
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11719
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:11 GMT
sky.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/sky.jpg
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9031d9d04ce40b4a28249df518d85f76fd15809258d29c87066af2eb1ebda831
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:11 GMT
x-content-type-options
nosniff
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10427
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:11 GMT
tower.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/ Frame D935 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10828385198590781233/728x90/images/tower.png
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43f9002c8e1a1f10ca2370f1b122c144f0cd2321683c17dd1d9da859f81b4c4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 18 Nov 2022 19:01:11 GMT
x-content-type-options
nosniff
age
70689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21828
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 13:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 Nov 2023 19:01:11 GMT
translator
hbopenbid.pubmatic.com/ Frame A84E 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame A84E 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
server
envoy
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/ Frame A84E 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ Frame A84E 		94 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
5f185b04aa506b07f807526ef21e365dfa884cdd5faddd3e7c528ca8c418a719

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
arj
os4m-d.openx.net/w/1.0/ Frame A84E 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3d61c963-afbd-40e1-90ed-1cd8493f7a65&nocache=1668868760080&pubcid=880fb91e-21c1-4e8f-af66-8dacd6080bf0&schain=1.0%2C1!yieldlift.com%2C2000088%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-8208067433800-0&aucs=&auid=542425201
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
26155f573fb7942a2f0dc177ed183337989c43ef1fa473eb08c15c77fd009981

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A84E 		240 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=348664&zone_id=1851016&size_id=2&rp_schain=1.0,1!yieldlift.com,2000088,1,,,&eid_pubcid.org=880fb91e-21c1-4e8f-af66-8dacd6080bf0%5E1&rf=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&tk_flint=pbjs_lite_v6.25.0&x_source.tid=3d61c963-afbd-40e1-90ed-1cd8493f7a65&l_pb_bid_id=12362c387fde891&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.037264399321516484
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e6a19f4b3af27d479651edd2a6e6ad6efedf3cfeeee7981101041bfb7537c0f5

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame A84E 		139 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
682c17ef393208095aaf321e645e6668411c722888f5f388db921af742786520
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
AN-X-Request-Uuid
1fdf3589-3b61-4598-adb8-16783d796cb6
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame A84E 		87 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=a5AaH8kr4r64m5aKlId8sQ
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7d6af81e918869fe172f3d3afbcea492b2d4cdca0751fce087e6c8e39275aa14

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://forum.killerfrogs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trinity.json
apex.go.sonobi.com/ Frame A84E 		95 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2218e05cdfaeb622d%22%3A%2238af58d79fe332e9ca7f%7C728x90%7Cgpid%3D%2F8570%2Fsportspublishinggroup%2Fkillerfrogs-13437-728x90-ads-desktop%22%7D&ref=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&s=e14c417d-7417-400a-9972-fb095b49c5bf&pv=936c4e29-3fad-4f3f-affa-3cd00410ff0c&vp=mobile&lib_name=prebid&lib_v=6.25.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000088%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22880fb91e-21c1-4e8f-af66-8dacd6080bf0%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22880fb91e-21c1-4e8f-af66-8dacd6080bf0%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
674e6e8837e6ef9e93327486a309849f38e9808c3cfad82bd69f561b50d675dc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-19
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/231886/0/ Frame A84E 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/231886/0/mvo?z=1r&hbv=6.25,2.1
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
d9core
d9.flashtalking.com/ Frame 0049 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/690/6908103/4110845/js/j-6908103-4110845.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.151.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-151-106.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
f9e9933728437ea3b4f2ff828eba920b342e6666d308f405d3205e1ce89e1709

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10814
dvtp_src.js
cdn.doubleverify.com/ Frame 0049 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=15911784&cmp=192772&sid=6774&plc=6908103&num=&adid=&advid=&adsrv=29&btreg=6908103&btadsrv=flashtalking&crt=4110845&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&929948051
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/690/6908103/4110845/js/j-6908103-4110845.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d2add4645bed7a531b01c9340d90b8f517ea7af7c295684070df6b52b5382865

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 14:38:20 GMT
Server
Microsoft-IIS/10.0
ETag
"096fee7fff8d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
4110845.gif
cdn.flashtalking.com/xre/690/6908103/4110845/image/ Frame 0049 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/xre/690/6908103/4110845/image/4110845.gif?477073306
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
595b21c38c4ce2dcb50207a5d19d282ed77fa145d27ae9add5219412321540ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Last-Modified
Wed, 02 Nov 2022 10:54:58 GMT
Server
Flashtalking (AKA)
ETag
W/"9049903f6f550a0871d93edbf323373a"
Content-Type
image/gif
X-Varnish
563966980
Cache-Control
max-age=1087
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21633
Expires
Sat, 19 Nov 2022 14:57:27 GMT
surly.js
c.betrad.com/ Frame 0049 		0
0
main.19.8.365.js
static.adsafeprotected.com/ Frame 0049 		196 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.365.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931236&advId=4579798&campId=19205235&pubId=3251&chanId=0&placementId=396308567&dealId=0&planId=26571318&adsafe_par&bidurl=forum.killerfrogs.com&bidPr=0.34&uId=&impId=8332597031905138613&respID=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:49:22 GMT
x-amz-version-id
Vqi07xtV7_e2oYjjMO93A9MKtrJ0y1dj
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
308998
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Nov 2022 22:25:26 GMT
server
AmazonS3
etag
W/"e5052dd7e7b2a5bcce2aed91a616a5dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
_Qm6MxMNZ-xhPdUFi1xNbgQCbgvUMlKCrZw4C3tMe9jKsnTpD-6T0g==
sca.17.6.2.js
static.adsafeprotected.com/ Frame F20A 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
5094184
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
jLLhLfKcY5WeLLmHd-_gm7hm9rvSFpnjn9_HDNcIkOkVjBuVBWHnUQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=931236&advId=4579798&campId=19205235&pubId=3251&chanId=0&placementId=396308567&dealId=0&planId=26571318&adsafe_par&bidurl=forum.killerfrogs.com&bidPr=0.34&uId=&impId=8332597031905138613&respID=0&adsafe_url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&adsafe_type=abeq&adsafe_jsinfo=,id:b670ffae-ce0d-23cf-b229-62be520e0db5,c:uqmCjI,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-576b7d7998-fk926,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.1110.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:69,mot:0,app:0,maw:0,fm:tnDZf4x+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C1a*.931236%7C1b%7C1c%7C1d,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:81,oid:f3b49d40-6817-11ed-b3d0-02070ea0d38e,v:19.8.365,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.104.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-104-30.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931236&asId=b670ffae-ce0d-23cf-b229-62be520e0db5&tv=%7Bc:uqmCjW,pingTime:0,time:95,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:81%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:95,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:81,wc:0.0.1600.1200,ac:436.1110.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~100%5D,as:%5B24~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnDZf4x+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C1a*.931236%7C1b%7C1c%7C1d,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:82%7D&br=c
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:dbf8:cb33:6058:925d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
stats
gw.geoedge.be/api/ Frame 99ED 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/stats
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.231.111.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-111-174.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:20 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931236&asId=b670ffae-ce0d-23cf-b229-62be520e0db5&tv=%7Bc:uqmCkd,pingTime:-2,time:112,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:764,beZ:765,mfA:832,cmA:833,inA:833,inZ:836,prA:836,prZ:840,si:845,poA:846,poZ:856,cmZ:856,mfZ:856,loA:865,loZ:867,ltA:875,ltZ:875,mdA:765,mdZ:803%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:81%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:112,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:81,wc:0.0.1600.1200,ac:436.1110.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~100%5D,as:%5B41~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tnDZf4x+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C1a*.931236%7C1b%7C1c%7C1d,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:82,slid:%5BIL_SR_RESULT_CONTENT,IL_SR_AD_AREA,IL_INSEARCH%5D,sinceFw:30,readyFired:true%7D&br=c
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:dbf8:cb33:6058:925d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dv-measurements3196.js
cdn.doubleverify.com/ Frame 574F 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3196.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c6f44e351f920e8a32a0f47f6f0b83e5daa4f79af853868bd75990e10b2617bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 09:55:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0532a59d8f8d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107052
integrator.js
adservice.google.de/adsid/ Frame A84E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forum.killerfrogs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A84E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forum.killerfrogs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A84E 		536 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3473709602320748&correlator=3800494252476357&eid=31068366%2C31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=8570%2Csportspublishinggroup%2Ckillerfrogs-13437-728x90-ads-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=1795487050&sfv=1-0-40&prev_scp=rfsh%3D1%26rfshtime%3D10&eri=1&sc=1&cookie=ID%3D82b8ce1dd093e46b%3AT%3D1668868758%3AS%3DALNI_Mb4KlfOZxHHkm5oIZqkfr2YzSS0Zg&gpic=UID%3D00000b840e1dcc2a%3AT%3D1668868758%3ART%3D1668868758%3AS%3DALNI_MaTaypLWEmU7PFg4y_kuGSm8B6PCQ&abxe=1&dt=1668868760259&lmt=1668868760&dlt=1668868759625&idt=357&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=503roh4mu8bz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&ref=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&top=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&frm=23&vis=1&psz=728x-1&msz=728x-1&fws=260&ohw=728&ea=0&ga_vid=1373169964.1668868758&ga_sid=1668868760&ga_hid=86183585&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y87_RgskwSABSAghvEhsKDGlkNS1zeW5jLmNvbRiyvdGCyTBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj8u9GCyTBIAFICCGQSGQoKcHViY2lkLm9yZxjowNGCyTBIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y_LvRgskwSABSAghkEj4KBW9wZW54EixleUpwSWpvaVFsbG1MMjFqU25OVWIzVm1kRVF6Tmxsb1JrRlVVVDA5SW4wPRjOv9GCyTBIABLWAQoIcnRiaG91c2USwAF5WVFjVEZKRTZjMmlzMENndFI5ZktzSHlwNG9yWXNCQTdMUEYrTUExdmdUUUNsRC9yTHl2ZXRaWkE0OE1uWDI3MVlKUVAyTXVGMjd6UFprV0I2UnQ0cDdMMlMvYStSSm1QLzFHaGo3bTMzeVNVM2gySThJWHNUSklLV0RRb3RkTFRobUJ4YUIxaUNHOHZoOVF0YXoxeVFCRWM4NG0vbXpJYmlFTlIzQVh0N1UxUU40RlFYNERac3FLQ3VKdVJ3bUgY1b7RgskwSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fa78bb820716fdb7bdf5f6b37ad2c39e822003ab3085e51140f903c72cfff2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A84E 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
667a2f03e63d6e41047b3bb7a02f2836b5e58a61175194f59d9846acaabbffc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11223
x-xss-protection
0
container.html
3a96a8120a9ce8d2357fea80ddd9a943.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE2E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3a96a8120a9ce8d2357fea80ddd9a943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:20 GMT
expires
Sun, 19 Nov 2023 14:39:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vevent
lax1-ib.adnxs-simple.com/ Frame 0049 		0
689 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QL_C2z_BQAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF8ASo2CcL1KFyPwtU_EVmGONbFbdA_GQAAAKBwPR1AIVoNEgQpww0k2DEAAADgehTyPzC25NUMOLMZQNgISAJQ1-D8vAFYxdKJAWAAaMqOoQF4zuUDgAEBigEDVVNEkgEBBuCYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA0NTc5Nzk4LCAwKTsBFCxpJywgNzY4ODIxMywRFCxnJywgMTkyMDUyMzUVFSxjJywgNTQxNzEzNDIVFTByJywgMzk2MzA4NTY3BRbwkJICqQUhUTRuZF9nak9yZW9aRU5mZ19Md0JHQUFneGRLSkFUQUJPQUJBQUVqWUNGQzI1TlVNV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QWVlbzRoS1F3dFVfd1FIbnFPSVNrTUxWUDhrQkFBQUFBQUFBOERfWkFRQUEFD3RQQV80QUdWb05VRDlRSEQ5VEJBbUFJQW9BSUN0UUkFIwB2DQjwvHdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTU9DTHVreVNZUUJCZ0JMUkFkZnptaUF4TUlrYW5ESlJBS0dBRXR0UGFFUHpJRGRXNXJ1Z01KVEVGWU1UbzFPVFl3NEFQbEw0QUU0ZE8wQ1lnRTR0TzBDWkFFQUpnRUJMSUVDZ2pSaGVFTUVNX1VvUTJ5QkFvSTA1TGFEQkRQMUtFTnVnUWFDSVVFRVFBQUFBQUFBTkFfRxEMWEFBQUlLZjE1UTY2QkJvSW5na1JtcG1aAQIMeVQ4WgEgDQEwZzBZWGhETUVFemN6TQECEDNEX0pCDR0BARQyQVFBOFEuWQAYZ0Z5QzZwQhETFFBBX3NRVQErCQEITUVGCQkBAQRESi4oAAAwLigABE5rFSjIOERfZ0JkQ0pBdkFGODVpVUNmZ0Yxc09YQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHQUFBBQIsQkVDb0JnU3lCaVFKBREJAQBSCQcFAS7sAABoBRIFAURDNEJnby6aApkBIUtoaFpFQWo2rQIsTVhTaVFFZ0FDZ0FNEelUQVJBT2dsTVFWZ3hPalU1TmpCQTVTORV5CDhEOR15AEIdeQhCaHo1XQQ5cAWABQEEQngFBwUBQWgAazV48LY4RDgusgIBMNgCpEPgAur5JeoCFWZvcnVtLmtpbGxlcmZyb2dzLmNvbYADAYgDAJADAJgDFKADAaoDAMADrALIAwDYA_uJBuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECjgxLjk1LjUuMzCoBM9NsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMTExMiNMQVgxOjU5NjDaBAIIAeAEAPAE1-D8vAGIBQGYBQCgBf____-F_dABqgUqYmE3ZTQ5NTEtYjEzNi00OTMwLThiOWYtZDU2ZmM5Njk4NThkfjg4M34xwAUAyQUAAAECFPA_0gUJCQEKAQEs2AUB4AUB8AUF-gUEAZkokAYAmAYAuAYAwQYBHzAAAPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=eb45237a3524c1e81d594b90bdf7665041cfb3a5&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=2701049331934954130&vd=ct~0|rr~0&sv=230&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=26571318&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=2934&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/230/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
AN-X-Request-Uuid
4c1e5185-402d-4a67-b706-b622953e4362
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 574F 		724 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=60&ttfrms=22&brid=3&brver=107.0.5304.110&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau7%40CF%3E%5D%3C%3A%3D%3D6C7C%408D%5D4%40%3ETau%3A%3F56I%5DA9ATbu7%40CF%3EDTau%5CTau%3D%3ADEU2%3F4r92%3A%3Fl9EEADTbpTauTau7%40CF%3E%5D%3C%3A%3D%3D6C7C%408D%5D4%40%3ETar23%40FETbpTauTau&srcurlD=0&aUrlD=0&ssl=https:&dfs=764&ddur=73&uid=1668868760317867&jsCallback=dvCallback_1668868760317383&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3196&tgjsver=3196&lvvn=28&m1=13&refD=1&referrer=about%3Ablank&fwc=0&fcl=1137&flt=0&fec=1009&fcifrms=13&brh=2&sdf=2&dvp_epl=206&noc=4&nav_pltfrm=Win32&ctx=15911784&cmp=192772&sid=6774&plc=6908103&crt=4110845&btreg=6908103&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=12863885840.151&dvp_tukv=710009307259.2721&dvp_uuid=540081088.3869737&dvp_tuid=14326948352
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3196.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
39d10a61216e36c50a1e2b1336d8279f2d5538abcc4d3f90c398582266747cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/18/2022 14:39:20
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 0049 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type
image/png
X-Varnish
62235402 62328724
Cache-Control
max-age=574
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Sat, 19 Nov 2022 14:48:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A84E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 14:39:20 GMT
lgc
d9.flashtalking.com/ Frame 0049 		103 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.151.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-151-106.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
07e2e27b4fcc1dbc4820079e3ff4d1a77631f7cef71d2f9a8b709f0268c05c55

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 19 Nov 2022 14:39:19 GMT
Server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
103
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE8B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:11:40 GMT
expires
Sun, 19 Nov 2023 14:11:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 244C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5780b8290ffe7b80ce1a2eb58ea133e64f13631cd94fc85c1b25ed4b7cce09aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L_4B-40rCFmQ3eJho26GEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-L_4B-40rCFmQ3eJho26GEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:20 GMT
expires
Sat, 19 Nov 2022 14:39:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E9D9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:18 GMT
expires
Sun, 19 Nov 2023 14:39:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame E9D9 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
895d1a04067a5eccf3bbcd609f1d3f365fd42d50ef11a6af31c62ff59af072dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:05:20 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-version-id
vRMCAxS8M4rSGz5reJcrMrbnZyBVS.2w
last-modified
Sat, 19 Nov 2022 13:26:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2041
etag
W/"c505b4eeec85425e4efea9941d032e34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
SO1-sOyiqL68lv2cHMfuCUGrGKK-fudX4OfqgbWMDKXuxAC9VEa8GA==
/
servedby.flashtalking.com/state/6908103;4110845;0;401;F4EDABB7-3AEF-6503-733A-6DD76EA46B64/ Frame 0049 		42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/6908103;4110845;0;401;F4EDABB7-3AEF-6503-733A-6DD76EA46B64/?ft_data=d9:01325d5817e54526b59972881d500468;d9s:01325d5817e54526b59972881d500468&cachebuster=665510706
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.218.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-105.deploy.static.akamaitechnologies.com
Software
prod-xre-app5.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app5.frk11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Sat, 19 Nov 2022 14:39:20 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame BE8B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 12:06:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 244C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3473709602320748&rc=
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
init
gw.geoedge.be/api/ Frame E9D9 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.231.111.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-111-174.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:20 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame E9D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3gLml-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSaAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81g5uEWikwf1oA1qVHdGTcIgtdwQxbwMWhpbLoEEMbsMxqfHbBwjreAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNjk3Njc5NTE4NTE1ODg2GNTEDA&sigh=FXU9GvTaTog&uach_m=[UACH]&cid=CAQSPADq26N9xhl1HB4MY3heRaPN4YjJpn-lpvttbksvSRfp1i2P-Nt4mpHqEp3mbxd-BsGSNKccsassZnfuVBgBIBM
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame E9D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h1mavd462z030z3925vbq9y8hb6rxt6xxxbq1q9xw5c2rhzy3374s5z4w8g7ga6hnzz4j8z3y6jdg7v93545r5jks1sskkppcbf04vgvhge4d1q9h3xasr2hmbmt97w2qme14wkcwkjp2m3fp45wcr9s9a9bw7pb0btnnj08ztnmzdp9ga3mryh5vfy8mwmxq8m4fjxw8w4j8yxx8ws92ymv80aj29qemaefj7jb0em93j2jkbkwhazm2wz34srbwwde3y285ds5h3qe5w7mnfgd63g7e0sy4q47wgj5k24s07dy2brcjde53p418ty9ps5j8qrb775xzhdsshs72twgxsdy16p13dsen07xemdga4v6teqh7g5k0tgs4e7d5718tga5g&b=Y3jqlwAKckEKd7aJAAR3qbwqlraWhLqKO-XyNA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 0AC6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hjwatam0x2rm88xs1a00xpa14v5erb0fns6nv2ed4xxt5v8zfp4f3mh5qt0cnpapdb3y83tgbsg1mm4txb68bdv1ryx6em8h1ksbd0mqnbsfykppvbtbt0nwabj7zafa5j2mw08xfp2kfn637jkvk5gxv9r0rp3xx34g9debg01mb87hk32m89zx00sv5wzxyb8y2y5nz4379nrxhzb24m8qydksh99jbyh82hbxhbnqbeknvfxz063h8cyrz3accj8mfh0q3nm8p74ahvassecthg0zfavnmqrp90vt8kf85c82yg75jnpva60b0shsgz8srycvfj94w5g5nt30n19w7hnrrc58090dd9gxsphz3mjv93twnyxdp01yzs0bpdc0g7q2ypfyk762nbmy6vdjhsyqe60a6g83g8k8x70rfs9mph78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e908fa43e2d973afb2f53e86f1b6437def904b607852ff82ecbbb20910622d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76c9b1d93f079978-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E9D9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1727
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 14:10:33 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0006 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Sun, 20 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E9D9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83015
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
l
www.google.com/ads/measurement/ Frame E9D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT353x9szJaKUTI-vheWiiNZJ14J8mVmENrjv6HLPlZUySFSii8sZqypWD57jvZ0mGPr0quPNTXLyuYKW_N1jYckywulw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E9D9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
341751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 15:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9D9 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 14:39:20 GMT
truncated
/ Frame E9D9 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecc738a492ca6d27c302d798ceae5e43229d45ed350fe9bc6e52b3698dec8877

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0006
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKRjpUtHeLESnw5xwWkg0Xw&google_cver=1&google_push=ASkJ3FYtZFX0FkcKcXGSr4TQF9W5wxAUInsXViS5-PS6lBRqKd8_-Eo3BwUx0VejKzC-UWQOeyo9Fi7t34JWNcrld_iJFGU7bg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=33C3A85ED9DD44C0ADCBF5960E8FE321&google_push=ASkJ3FYtZFX0FkcKcXGSr4TQF9W5wxAUInsXViS5-PS6lBRqKd8_-Eo3BwUx0VejKzC-UWQOeyo9Fi7t34JWNcr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=33C3A85ED9DD44C0ADCBF5960E8FE321&google_push=ASkJ3FYtZFX0FkcKcXGSr4TQF9W5wxAUInsXViS5-PS6lBRqKd8_-Eo3BwUx0VejKzC-UWQOeyo9Fi7t34JWNcrld_iJFGU7bg
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 14:39:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=33C3A85ED9DD44C0ADCBF5960E8FE321&google_push=ASkJ3FYtZFX0FkcKcXGSr4TQF9W5wxAUInsXViS5-PS6lBRqKd8_-Eo3BwUx0VejKzC-UWQOeyo9Fi7t34JWNcrld_iJFGU7bg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 18 Nov 2022 14:39:20 GMT
pixel
cm.g.doubleclick.net/ Frame 0006
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ9K7gLNRrM8jv2P_wnDmN8lvfSur7nX3uDMZ5iVEwEVnXoe5iA8xtucvtZlCFZCTEF_l4ijCkGCOHLLcOviCUHzd_a7g
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ9K7gLNRrM8jv2P_wnDmN8lvfSur7nX3uDMZ5iVEwEVnXoe5iA8xtucvtZlCFZCTEF_l4ijCkGCOHLLcOviCUHzd_a7g
date
Sat, 19 Nov 2022 14:39:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0006
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED-v5xpyPAFgBVM78-U-ODA&google_cver=1&google_push=ASkJ3FbaKTpgb1O0se6tfY44P7tJpADKVPOPAQFU78SzHDgeS2gAl8a0GE_pWKOtYclOkL0InP7ja0kPJs31PiN-T...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED-v5xpyPAFgBVM78-U-ODA&google_cver=1&google_push=ASkJ3FbaKTpgb1O0se6tfY44P7tJpADKVPOPAQFU78SzHDgeS2gAl8a0GE_pWKOtYclOkL0InP7ja0kPJs31PiN-T...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbaKTpgb1O0se6tfY44P7tJpADKVPOPAQFU78SzHDgeS2gAl8a0GE_pWKOtYclOkL0InP7ja0kPJs31PiN-TREGHi0gXw&google_hm=FrYPvGZH-ym0YxxUROWJeC84
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbaKTpgb1O0se6tfY44P7tJpADKVPOPAQFU78SzHDgeS2gAl8a0GE_pWKOtYclOkL0InP7ja0kPJs31PiN-TREGHi0gXw&google_hm=FrYPvGZH-ym0YxxUROWJeC84
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 19 Nov 2022 14:39:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ASkJ3FbaKTpgb1O0se6tfY44P7tJpADKVPOPAQFU78SzHDgeS2gAl8a0GE_pWKOtYclOkL0InP7ja0kPJs31PiN-TREGHi0gXw&google_hm=FrYPvGZH-ym0YxxUROWJeC84
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 0006
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPetBZmoo7J1ybL7AVlaiHo&google_cver=1&google_push=ASkJ3FbsVTnIYCco1pxc4nxSnXSwDPzcvunUyC_uv0Jip_E9uWPVTP9WFSlP-G22xnC_t6eg2TTZSgubKJ5-QhFq...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbsVTnIYCco1pxc4nxSnXSwDPzcvunUyC_uv0Jip_E9uWPVTP9WFSlP-G22xnC_t6eg2TTZSgubKJ5-QhFq3hCj94ixAVE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbsVTnIYCco1pxc4nxSnXSwDPzcvunUyC_uv0Jip_E9uWPVTP9WFSlP-G22xnC_t6eg2TTZSgubKJ5-QhFq3hCj94ixAVE
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 14:39:20 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbsVTnIYCco1pxc4nxSnXSwDPzcvunUyC_uv0Jip_E9uWPVTP9WFSlP-G22xnC_t6eg2TTZSgubKJ5-QhFq3hCj94ixAVE
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
SPqEwKimF8sMDjuYzLWHe7D4ZSMZkaTPsJhmyuag__7pkL7AT1RmLA==
pixel
cm.g.doubleclick.net/ Frame 0006
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEACa5HykG_4Wzhxfn1HbcUQ&google_cver=1&google_push=ASkJ3Fbo0a3ZdjKokwQ2jAl2CQg8pJAXv4ELDTkTbWqWLJn6_mEGMs5GwnxLw0qYyy8y3lljBfPglmP5ydhS...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fbo0a3ZdjKokwQ2jAl2CQg8pJAXv4ELDTkTbWqWLJn6_mEGMs5GwnxLw0qYyy8y3lljBfPglmP5ydhSqSrHF7O1UqnDDfc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fbo0a3ZdjKokwQ2jAl2CQg8pJAXv4ELDTkTbWqWLJn6_mEGMs5GwnxLw0qYyy8y3lljBfPglmP5ydhSqSrHF7O1UqnDDfc
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fbo0a3ZdjKokwQ2jAl2CQg8pJAXv4ELDTkTbWqWLJn6_mEGMs5GwnxLw0qYyy8y3lljBfPglmP5ydhSqSrHF7O1UqnDDfc
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 0006
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJYqOTO_Jq21AAv9XIYL-GE&google_cver=1&google_push=ASkJ3FbACtk-pWpmjs8Hc3t3PiqY0G7y5DNDouz3pU2rr8VG-mhoaubevEnY3YG8oWBIKT4S31PvW-gSbWJ99L38EhCuhJ...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJYqOTO_Jq21AAv9XIYL-GE&google_cver=1&google_push=ASkJ3FbACtk-pWpmjs8Hc3t3PiqY0G7y5DNDouz3pU2rr8VG-mhoaubevEnY3YG8oWBIKT4S31PvW-gSbWJ99L38...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VUKH1orFQ1uJjuLk4WOLvw&google_push=ASkJ3FbACtk-pWpmjs8Hc3t3PiqY0G7y5DNDouz3pU2rr8VG-mhoaubevEnY3YG8oWBIKT4S31PvW-gSbWJ99L3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VUKH1orFQ1uJjuLk4WOLvw&google_push=ASkJ3FbACtk-pWpmjs8Hc3t3PiqY0G7y5DNDouz3pU2rr8VG-mhoaubevEnY3YG8oWBIKT4S31PvW-gSbWJ99L38EhCuhJLHlDc
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VUKH1orFQ1uJjuLk4WOLvw&google_push=ASkJ3FbACtk-pWpmjs8Hc3t3PiqY0G7y5DNDouz3pU2rr8VG-mhoaubevEnY3YG8oWBIKT4S31PvW-gSbWJ99L38EhCuhJLHlDc
access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 0006
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKksF-UUhzRgQRaHjvAkOsY&google_cver=1&google_push=ASkJ3FbY3NPzG7byzApNP935ScRqgXC23pPvsyNo255tYioElBvR3laxvUL5Vw3TjY9kZylqKi...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKksF-UUhzRgQRaHjvAkOsY&google_cver=1&google_push=ASkJ3FbY3NPzG7byzApNP935ScRqgXC23pPvsyNo255tYioElBvR3laxvUL5Vw3TjY9kZylqKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yZ2FIc19ORTJ1SGZMeWF5bHo5czcueFFydVg0eHFWeX5B&google_push=ASkJ3FbY3NPzG7byzApNP935ScRqgXC23pPvsyNo255tYioElBvR3laxv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yZ2FIc19ORTJ1SGZMeWF5bHo5czcueFFydVg0eHFWeX5B&google_push=ASkJ3FbY3NPzG7byzApNP935ScRqgXC23pPvsyNo255tYioElBvR3laxvUL5Vw3TjY9kZylqKioyp8ozpGDDj8VrF7iylUce2iyB
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yZ2FIc19ORTJ1SGZMeWF5bHo5czcueFFydVg0eHFWeX5B&google_push=ASkJ3FbY3NPzG7byzApNP935ScRqgXC23pPvsyNo255tYioElBvR3laxvUL5Vw3TjY9kZylqKioyp8ozpGDDj8VrF7iylUce2iyB
date
Sat, 19 Nov 2022 14:39:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 0006 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVv2xridS2Gs804yqv9ifZrNPo_1ep09fCWdWuUsetDZZe5bbjiccp4DrLxBBQ0HnAOmbOwA
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 0AC6 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hjwatam0x2rm88xs1a00xpa14v5erb0fns6nv2ed4xxt5v8zfp4f3mh5qt0cnpapdb3y83tgbsg1mm4txb68bdv1ryx6em8h1ksbd0mqnbsfykppvbtbt0nwabj7zafa5j2mw08xfp2kfn637jkvk5gxv9r0rp3xx34g9debg01mb87hk32m89zx00sv5wzxyb8y2y5nz4379nrxhzb24m8qydksh99jbyh82hbxhbnqbeknvfxz063h8cyrz3accj8mfh0q3nm8p74ahvassecthg0zfavnmqrp90vt8kf85c82yg75jnpva60b0shsgz8srycvfj94w5g5nt30n19w7hnrrc58090dd9gxsphz3mjv93twnyxdp01yzs0bpdc0g7q2ypfyk762nbmy6vdjhsyqe60a6g83g8k8x70rfs9mph78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hjwatam0x2rm88xs1a00xpa14v5erb0fns6nv2ed4xxt5v8zfp4f3mh5qt0cnpapdb3y83tgbsg1mm4txb68bdv1ryx6em8h1ksbd0mqnbsfykppvbtbt0nwabj7zafa5j2mw08xfp2kfn637jkvk5gxv9r0rp3xx34g9debg01mb87hk32m89zx00sv5wzxyb8y2y5nz4379nrxhzb24m8qydksh99jbyh82hbxhbnqbeknvfxz063h8cyrz3accj8mfh0q3nm8p74ahvassecthg0zfavnmqrp90vt8kf85c82yg75jnpva60b0shsgz8srycvfj94w5g5nt30n19w7hnrrc58090dd9gxsphz3mjv93twnyxdp01yzs0bpdc0g7q2ypfyk762nbmy6vdjhsyqe60a6g83g8k8x70rfs9mph78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
249218
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76c9b1d99a0dbba7-FRA
expires
0
r62eglto.js
ad4m.at/ Frame 0AC6 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hjwatam0x2rm88xs1a00xpa14v5erb0fns6nv2ed4xxt5v8zfp4f3mh5qt0cnpapdb3y83tgbsg1mm4txb68bdv1ryx6em8h1ksbd0mqnbsfykppvbtbt0nwabj7zafa5j2mw08xfp2kfn637jkvk5gxv9r0rp3xx34g9debg01mb87hk32m89zx00sv5wzxyb8y2y5nz4379nrxhzb24m8qydksh99jbyh82hbxhbnqbeknvfxz063h8cyrz3accj8mfh0q3nm8p74ahvassecthg0zfavnmqrp90vt8kf85c82yg75jnpva60b0shsgz8srycvfj94w5g5nt30n19w7hnrrc58090dd9gxsphz3mjv93twnyxdp01yzs0bpdc0g7q2ypfyk762nbmy6vdjhsyqe60a6g83g8k8x70rfs9mph78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359955
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Jul 2022 10:39:11 GMT
server
cloudflare
etag
W/"a69f5acd9289c65e67397be142bc2c3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jxN4HM6zfEqyoRNzhysH1suvZLWbAoKMy2cvT8dnsAC88NFyqEYFErOhqLcLJ5A36rtFnWOCxtadM6b5cAmti6PyZJI6g0qJE6yQxG76nRoPRjnxbqvDrzF%2FGxL9hVcOcAFC7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
76c9b1d99fda9978-FRA
expires
Tue, 08 Nov 2022 10:40:11 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931236&asId=b670ffae-ce0d-23cf-b229-62be520e0db5&tv=%7Bc:uqmCpC,pingTime:-10,time:447,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1668868760572%7C%7C5b946160a4c169693c94d3aaa100850f%7C%7Cf8b8963e850cee297829880103706300%7C%7C6a2a1fa41b8df042a67f1056379f73e5%7C%7C7051c217d1c9e371052015c1aedc21c6%7C%7C4eaeec68c029813b37e376d8d5b2b118%7C%7C05c5874db18baf24edc142e5e78aa3b2%7C%7Cd8850b4869293ce389cc285029b1c1a2%7C%7C1663701684%7D
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:dbf8:cb33:6058:925d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generate_204
tpc.googlesyndication.com/ Frame BE8B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0zwMcA
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CB76 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSMZNxztIbQavF2pNh9sq2I3Q5ZExslLVxwkdMJJis4cwYPLkheWDCThfOnFlwuN90mWnY9MexgRjOrro6pRyvQXfmDRUrxZ_zxYiGR6WFPMx89N_rkhYgDLQ0koi7GrlQ-NR-xg&sai=AMfl-YTG_xQGtvIqSDrZxs_mKSvSqvnPWZ2Hx7CSJOKucAHCdWnbZ78CLnkggSqfx_10y-kE_MnSAnJSHguNZLJS5_XN3L0qgj8Rod_5Azi_JKTzsC7afnSmLXGKXy4Y4buqXXALwVt46uo9rUzZ9Q-l&sig=Cg0ArKJSzELX7mxKgZtDEAE&cid=CAQSTADq26N9YR5IpFNRyft08wBriBdhU3JO1Xek86vwMjRG-sJGdARvx-WDkojakiPpgFGEWe02VvYd21Hok0QxhYiuvwBz3yNJJHyl95sYASAT&id=ampim&o=1140,569&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=291&tls=1292&g=100&h=100&tt=1292&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0AC6 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25773042
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dd094K6b9q9InSiL4vduxlXpQuvt2nMmZgP%2Btvcjea2IChqL4AR0W1ur69JM01vFIey7vy5bPjrknFrKgl1WDF5p%2Fwbvj%2BP%2B2h0UU8qTDTHVpklHv54X1H4RQrtE1Cy52IBwTzdGjOEib8ZqoB1aP4Mb"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
76c9b1daaec6bbef-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
frame.html
ad4m.at/ Frame D7F9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2054047
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
76c9b1da6c03bba7-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:20 GMT
expires
Wed, 26 Oct 2022 21:05:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hbe4HjGV1l%2FHCK%2B6hL0B7ziKi%2Bxt50JW1P0ZgiWmChrDPoj%2B9MPcERKpq9d3mGiMIvgm%2F1TM5DMjs0OX9hS8MEPWhr34So8yTDI8qbyrcclPt%2BSSUhYhWCpH0TGgl2TKDKU9YU8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
container.html
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B8C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:18 GMT
expires
Sun, 19 Nov 2023 14:39:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame B8C7 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
895d1a04067a5eccf3bbcd609f1d3f365fd42d50ef11a6af31c62ff59af072dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:05:20 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-version-id
vRMCAxS8M4rSGz5reJcrMrbnZyBVS.2w
last-modified
Sat, 19 Nov 2022 13:26:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
2041
etag
W/"c505b4eeec85425e4efea9941d032e34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
6g4oOWLrRU0TSO1UGv5F25GIEWLD1AskhgxXXtuoALTzNIXsjJsrKQ==
rs
ad4m.at/ Frame 0AC6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46541d17347ca4a1df35bf3db72de5eac74db10d5a87118c27fedeba6e79366

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQ4mz%2FE7pQofl3T6kz45uPoP7chSj7MoGECQC%2B5Vz9SyfsbJu7RNGbD10aNc7gVO6PVOndk9V7M5gbdAah3M8jYKZ%2FI5p52PqVm8qmPIe4MiIseiAC6O2HycnCaSLSormn9cpAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
76c9b1db18159b74-FRA
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76c9b1dacf6e9b74-FRA
content-length
24
content-type
text/plain
date
Sat, 19 Nov 2022 14:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1DmkRI55oNYtbJycbZ4pPT6IHOtFhc%2BoKZIRaLwn%2BsA3yOr31czFLev7zGooLot%2BxisbQKd0MGNxWuibOGifH8I5LosFfsv4zXBEFBxgYhpwFlCqXlWwU6uLkPKtyDRvJ9Z7cc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-v578
init
gw.geoedge.be/api/ Frame B8C7 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.231.111.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-111-174.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:20 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame B8C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cokxwl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSaAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLHZttUdViMqzkrI_pg7Dt3RQ2KUaditK9klePJRBp19D3GFYrwNSeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNjk3Njc5NTE4NTE1ODg2GNTEDA&sigh=H1Ix_S4lons&uach_m=[UACH]&cid=CAQSPADq26N9J3pmFfMFfmMqW-feWANUob0efkWQGPjOvlWwnsp4Yc71QU9zAaRVJwU6xILXarPNH4XXHI8sJRgBIBM
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame B8C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gw9qskn2mdrdvy1v7m350gf63c19r7nsp5bw9db5r10vrdykxdmb1w1na0xxd6a1kz8vetc1yyh96p323bd3pgnke47k6t72npev5x0dbfzqesdsmmrb860xrkw84hngtk1hd74c2498k3ze9h2dt7ykfcwrj98knqtm4hy60b06bzb7qm043ypv2zv8a5dz6h12418f5xxk5d25rhyr87cp8r75d6s9823b5pbqp82vb5azq1zfqt5y2mqvqv2v4m7phhgsprs9cn2dxvpn80j1z3t4qqrt42r5easqc2eyd6cbqq4sb4q48betfsw5exzsmmyfhwbn9q5htkr51693d2mweeap8bye5p5hsfv2xtnvek71nxm60z81b8bn1hbv5txsw&b=Y3jqlwAKatoKd6RlAAWX3vPKhpL1qNaaJnP6yA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A5EA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jp24mw9p742ktzhcdhqpbvyhewppp3d2aqd2f6qgwsva2mk3m3vvfhhk0na194pdb8tdtk55mzyysfydy636yftn74c43zt1ktchq14mcaxw3a1xen3bdbjyt56wnzkqywj0v9t1s8je4fqwcqzttw7sj4xgjj7s3gjyj3zzr36bfzt0ccqfkwjqfrdpyenwjnb3sb3179k5b4fncdw4dw9vckwwjv633005sh3hvdh00tbahseq538kkdftdybkkygz02y22jvzdngtye3p6x12n8b6aj51d6xjpjfkj6dxyca1xqp6e3j82xtkb100xct5s6q43zpnmmm1dhgqx26as9wwvm989m71fhptmmh3g1taad76ntbrprecs09ahk8dtqbar8nqv2meywn9r8pz27z4cb8ygrnfrb5ank4jt3xt2hva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ba6f139d68e6c5f0e83a7b6c6eed9ebcb79d8856c5f7d6507fd58c176f1d78
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76c9b1dadd14bba7-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B8C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1727
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Dec 2022 14:10:33 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A3A3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 08:42:09 GMT
etag
48472445140208031
expires
Sun, 20 Nov 2022 08:42:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B8C7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83015
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
l
www.google.com/ads/measurement/ Frame B8C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaiux7cEsSX00oE-l8v_-z516kCqMgxw3HRhZg4U-TD-niFof6WmV42GTjtNaJfBq6hw_roJtGjVbhdji4UFogKyuN7w
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B8C7 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
341751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 15:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B8C7 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 14:39:20 GMT
pixel
cm.g.doubleclick.net/ Frame A3A3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPibVybOohECE-LNa-7ckDk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPibVybOohECE-LNa-7ckDk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWpuR29YU00xT1dwMDQ1&google_gid=CAESEPibVybOohECE-LNa-7ckDk&google_cver=1&google_push=ASkJ3FZ7eU6_oyg1nLLQ2s6Yh55xsMcFetGcPEF4Hnin-_u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWpuR29YU00xT1dwMDQ1&google_gid=CAESEPibVybOohECE-LNa-7ckDk&google_cver=1&google_push=ASkJ3FZ7eU6_oyg1nLLQ2s6Yh55xsMcFetGcPEF4Hnin-_ulQZd7nbXDFo1NxnjwwtzwF0GRDWkwf9J-ETrR8vV0IH51BJ200Q
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0c6774dcbd8510e59@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UWpuR29YU00xT1dwMDQ1&google_gid=CAESEPibVybOohECE-LNa-7ckDk&google_cver=1&google_push=ASkJ3FZ7eU6_oyg1nLLQ2s6Yh55xsMcFetGcPEF4Hnin-_ulQZd7nbXDFo1NxnjwwtzwF0GRDWkwf9J-ETrR8vV0IH51BJ200Q
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A3A3
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESED75gNtO_ID1-_dMYeOiRjQ&google_cver=1&google_push=ASkJ3FadeRjh84qEqLY0nWpUkXGrgAE2gOydJUPdFPzYrwkcgCSH-xA_FjunDnlsVUO83wZNjkYtOTf8a9M...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FadeRjh84qEqLY0nWpUkXGrgAE2gOydJUPdFPzYrwkcgCSH-xA_FjunDnlsVUO83wZNjkYtOTf8a9MoLwwEhTnQkmKWiE0&google_hm=mD6JLN0DS9GOHuJpWZvsYyY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FadeRjh84qEqLY0nWpUkXGrgAE2gOydJUPdFPzYrwkcgCSH-xA_FjunDnlsVUO83wZNjkYtOTf8a9MoLwwEhTnQkmKWiE0&google_hm=mD6JLN0DS9GOHuJpWZvsYyY
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:19 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FadeRjh84qEqLY0nWpUkXGrgAE2gOydJUPdFPzYrwkcgCSH-xA_FjunDnlsVUO83wZNjkYtOTf8a9MoLwwEhTnQkmKWiE0&google_hm=mD6JLN0DS9GOHuJpWZvsYyY
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame A3A3 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH26j63YLOYs3uBFz4c69HY&google_cver=1&google_push=ASkJ3FZ4j3GwV11QC-vf9bBl64mrTk0VtSXxn2JCUQGc7cJaW22uv15uyI9WqaPKSk7k_1eWUA19fs6NvYIkvlWtv4cGEwMvx5w
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame A3A3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFOR1RJho6AbpcvQ_DZge_A&google_cver=1&google_push=ASkJ3FaVQKYCD5sjU3ZWP-GHMqg2BjJ5AlOmFGtqGY4ELTw5XrrZP-xled_TnuRYcxj69H_dS98o4s6Fw3cIu0dOeNQ7...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFOR1RJho6AbpcvQ_DZge_A&google_cver=1&google_push=ASkJ3FaVQKYCD5sjU3ZWP-GHMqg2BjJ5AlOmFGtqGY4ELTw5XrrZP-xled_TnuRYcxj69H_dS98o4s6Fw3cIu0...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f9f9fa38-119c-49e9-8f33-1f92795c8b6b
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f9f9fa38-119c-49e9-8f33-1f92795c8b6b
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=58b97118-599e-4bea-9699-2760a6c78b2a&user_group=1&ssp=google&bsw_param=f9f9fa38-119c-49e9-8f33-1f92795c8b6b
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaVQKYCD5sjU3ZWP-GHMqg2BjJ5AlOmFGtqGY4ELTw5XrrZP-xled_TnuRYcxj69H_dS98o4s6Fw3cIu0dOeNQ7xANzXg&google_hm=-fn6OBGcSemPMx-SeVyLaw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaVQKYCD5sjU3ZWP-GHMqg2BjJ5AlOmFGtqGY4ELTw5XrrZP-xled_TnuRYcxj69H_dS98o4s6Fw3cIu0dOeNQ7xANzXg&google_hm=-fn6OBGcSemPMx-SeVyLaw==
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaVQKYCD5sjU3ZWP-GHMqg2BjJ5AlOmFGtqGY4ELTw5XrrZP-xled_TnuRYcxj69H_dS98o4s6Fw3cIu0dOeNQ7xANzXg&google_hm=-fn6OBGcSemPMx-SeVyLaw==
date
Sat, 19 Nov 2022 14:39:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame A3A3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbnmKcBDYSp7L99n8zQGGJJUKBtGBfIcCd1Rs17NcwjHujcOhZA15m5RFOtxjJJm7iwe1ZEVslG3YLvnc6qSLGgaIIG_KY
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbnmKcBDYSp7L99n8zQGGJJUKBtGBfIcCd1Rs17NcwjHujcOhZA15m5RFOtxjJJm7iwe1ZEVslG3YLvnc6qSLGgaIIG_KY
date
Sat, 19 Nov 2022 14:39:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A3A3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKksF-UUhzRgQRaHjvAkOsY&google_cver=1&google_push=ASkJ3FbkGrrPFvX5RhuFearxBvLW1VvMaeeM_icsb6G2O1Nt-yv8ukIONbmeACsFnY9RWiIw-z...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yZ2FIc19ORTJ1SGZMeWF5bHo5czcueFFydVg0eHFWeX5B&google_push=ASkJ3FbkGrrPFvX5RhuFearxBvLW1VvMaeeM_icsb6G2O1Nt-yv8ukION...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yZ2FIc19ORTJ1SGZMeWF5bHo5czcueFFydVg0eHFWeX5B&google_push=ASkJ3FbkGrrPFvX5RhuFearxBvLW1VvMaeeM_icsb6G2O1Nt-yv8ukIONbmeACsFnY9RWiIw-zPvdJVllawvnxOHEDknQyymDg2A
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yZ2FIc19ORTJ1SGZMeWF5bHo5czcueFFydVg0eHFWeX5B&google_push=ASkJ3FbkGrrPFvX5RhuFearxBvLW1VvMaeeM_icsb6G2O1Nt-yv8ukIONbmeACsFnY9RWiIw-zPvdJVllawvnxOHEDknQyymDg2A
date
Sat, 19 Nov 2022 14:39:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame A3A3
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDYIyw-AW...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDY...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f9f9fa38-119c-49e9-8f33-1f92795c8b6b&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f9f9fa38-119c-49e9-8f33-1f92795c8b6b&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=f9f9fa38-119c-49e9-8f33-1f92795c8b6b&%%GOOGLE_PUSH_PAIR%%
date
Sat, 19 Nov 2022 14:39:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame A3A3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6qBYo6D7vmBylBgnD2VtqqRBLlR00KMc_f2CUY7GqlgAmCP5XajGir8QVwy4OdV_9wJVdv1M
Requested by
Host: d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
URL: https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame B8C7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94bd0279c5934f609dcc531053ddae0c550e4850e0165db396f09c63093eba7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame A5EA 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jp24mw9p742ktzhcdhqpbvyhewppp3d2aqd2f6qgwsva2mk3m3vvfhhk0na194pdb8tdtk55mzyysfydy636yftn74c43zt1ktchq14mcaxw3a1xen3bdbjyt56wnzkqywj0v9t1s8je4fqwcqzttw7sj4xgjj7s3gjyj3zzr36bfzt0ccqfkwjqfrdpyenwjnb3sb3179k5b4fncdw4dw9vckwwjv633005sh3hvdh00tbahseq538kkdftdybkkygz02y22jvzdngtye3p6x12n8b6aj51d6xjpjfkj6dxyca1xqp6e3j82xtkb100xct5s6q43zpnmmm1dhgqx26as9wwvm989m71fhptmmh3g1taad76ntbrprecs09ahk8dtqbar8nqv2meywn9r8pz27z4cb8ygrnfrb5ank4jt3xt2hva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jp24mw9p742ktzhcdhqpbvyhewppp3d2aqd2f6qgwsva2mk3m3vvfhhk0na194pdb8tdtk55mzyysfydy636yftn74c43zt1ktchq14mcaxw3a1xen3bdbjyt56wnzkqywj0v9t1s8je4fqwcqzttw7sj4xgjj7s3gjyj3zzr36bfzt0ccqfkwjqfrdpyenwjnb3sb3179k5b4fncdw4dw9vckwwjv633005sh3hvdh00tbahseq538kkdftdybkkygz02y22jvzdngtye3p6x12n8b6aj51d6xjpjfkj6dxyca1xqp6e3j82xtkb100xct5s6q43zpnmmm1dhgqx26as9wwvm989m71fhptmmh3g1taad76ntbrprecs09ahk8dtqbar8nqv2meywn9r8pz27z4cb8ygrnfrb5ank4jt3xt2hva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%26client%3Dca-pub-2697679518515886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
249218
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76c9b1db1da2bba7-FRA
expires
0
r62eglto.js
ad4m.at/ Frame A5EA 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jp24mw9p742ktzhcdhqpbvyhewppp3d2aqd2f6qgwsva2mk3m3vvfhhk0na194pdb8tdtk55mzyysfydy636yftn74c43zt1ktchq14mcaxw3a1xen3bdbjyt56wnzkqywj0v9t1s8je4fqwcqzttw7sj4xgjj7s3gjyj3zzr36bfzt0ccqfkwjqfrdpyenwjnb3sb3179k5b4fncdw4dw9vckwwjv633005sh3hvdh00tbahseq538kkdftdybkkygz02y22jvzdngtye3p6x12n8b6aj51d6xjpjfkj6dxyca1xqp6e3j82xtkb100xct5s6q43zpnmmm1dhgqx26as9wwvm989m71fhptmmh3g1taad76ntbrprecs09ahk8dtqbar8nqv2meywn9r8pz27z4cb8ygrnfrb5ank4jt3xt2hva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359955
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Jul 2022 10:39:11 GMT
server
cloudflare
etag
W/"a69f5acd9289c65e67397be142bc2c3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csK9GZYR%2FgoXcUc3byHq4YT4Ln1l3vJ%2B004vNMJwU8azue%2BUEebAjhddFPLjpinQ0I%2Fc1hlcjzawbskEMSMGdu3f6Mx8zSCFOl4YRrTNXgfIVbqM0DU8tpbfREMCw4YNQ%2Bp6vA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
76c9b1db1da6bba7-FRA
expires
Tue, 08 Nov 2022 10:40:11 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 99ED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEAicOYjsThc-v6FRpzBxHpkCyOnpsiOJ1e10uU04T1fVhMoIDkNBc_frZ72aveo1cQ7Sf7d4IwbebQWJfuEJFsQ8Ck8lar8VRM9mi5azXFQksCN2WcecgCiGlU-rXJMI3ptNo6E5LLh-lkgiwpJRPHR5hOBwJYWpu&sai=AMfl-YTJjZ2iLrqf994gKbra5_FGTiLAt3ALHXcXv0hLCYtKoqsKhLw2TWn6BFrGl0vcMkvEL2p6nDB82Tiopn8J-8RLYLZCO5hrCUUABS-Aio_eJyBYOC_9uECxReMUUD11zzmnBvTGd_8cYsHu1SlX&sig=Cg0ArKJSzMNzu1T0kansEAE&cid=CAQSTADq26N9NZ1exwy5n2bfGLzXBMkxGFN1nG8pRiJGpAhh_v00pO-ev_54oVxzD54NB7JL-K3ckJljXpD6Kfn-BPbpjIpH2cMauKQdF5kYASAT&id=lidar2&mcvt=1024&p=386,436,476,1164&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2191470203&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668868759269&rpt=527&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A5EA 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25765256
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vt8YZyxdeen8jhzwWNDIvnPyNPtSisoB5PZaoT2TLxTPDpafY3t5KBz25kZ6nlaArNp5P01AVaFWX9%2FVjLaBCFGrhdX9M2lLhpseJ1eXfwfcBqw79knmn%2FROj5NihUa7j0ZKgIA%2FurI9QS4OrhOXL2O"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
76c9b1db8f8b91f3-FRA
expires
Wed, 25 Jan 2023 09:38:24 GMT
frame.html
ad4m.at/ Frame E769 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2054047
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
76c9b1db6e3fbba7-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:20 GMT
expires
Wed, 26 Oct 2022 21:05:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2uootkZ5VEG68Ial%2BZDzzVeB110dPc1XqPnu%2FubpHcb9orYkHnB4V2QEqYS8UarTvJSgZ175g4RbjHQ%2BLORw2BnpeoVRo0wHIyfymiWY0JO9iFw6BjgdfY3IQ4vccHbSX4kvt0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rar
as.ad4m.at/ad/ Frame 9343 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8484bd12a13d22a7fb31ad344400c4ee8c2b87b76974dbfd373c125ee72fc61
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hjwatam0x2rm88xs1a00xpa14v5erb0fns6nv2ed4xxt5v8zfp4f3mh5qt0cnpapdb3y83tgbsg1mm4txb68bdv1ryx6em8h1ksbd0mqnbsfykppvbtbt0nwabj7zafa5j2mw08xfp2kfn637jkvk5gxv9r0rp3xx34g9debg01mb87hk32m89zx00sv5wzxyb8y2y5nz4379nrxhzb24m8qydksh99jbyh82hbxhbnqbeknvfxz063h8cyrz3accj8mfh0q3nm8p74ahvassecthg0zfavnmqrp90vt8kf85c82yg75jnpva60b0shsgz8srycvfj94w5g5nt30n19w7hnrrc58090dd9gxsphz3mjv93twnyxdp01yzs0bpdc0g7q2ypfyk762nbmy6vdjhsyqe60a6g83g8k8x70rfs9mph78&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%26client%3Dca-pub-2697679518515886%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76c9b1db7e5dbba7-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:20 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 9343 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
249218
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76c9b1dbcf02bba7-FRA
expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9343 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
523005
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmrOFMGfksiHOt9rbvA0CnrAM5hfIMxhGZHrgLcE5hpfsb%2FvqhjRbvRVsuwP52lbCqL22RMU9mHaTLyfCimaZUxVJsYIatLbh9lifwQVC2SD0pVfwxnpFuJhYwFMZ8NI4zOIt76%2Fa2e7Tfsm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dbdd6a9978-FRA
expires
Sun, 20 Nov 2022 14:39:20 GMT
3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 9343 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248596
cf-polished
qual=85, origFmt=jpeg, origSize=46259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10888
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:09:44 GMT
server
cloudflare
etag
"b2cf554576629d98986c459034c76d1a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQYL9TK0n8FoKLzX0KW3ZpxQ6P7b4Hx4pjNQTRF4fqyLse3WIzviKYp0KC4%2FLOII1NQkTjBogkKJ0G2QWDH69NX48v0%2FuyEfv3TpS5q4OlAVlbR4Qx1zevVO9ZAlm5VJfJCwpzlUD6Ohk72j"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dbdd619978-FRA
expires
Sun, 20 Nov 2022 14:39:20 GMT
/
partner.o2online.de/a/ Frame 9343
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJv1ss28uvsCFbDmuwgdDtIOEQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022111915392178690878077X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022111915392178690878077X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022111915392178690878077X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads4.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:21 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022111915392178690878077X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022111915392178690878077X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Sat, 19 Nov 2022 14:39:21 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 9343 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
319526
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5UhVKBMggYKz%2FnF1JjeIxtAA1r9QM9pbXUUmX9tjtzfKLkTwPz6MQq5jTDBjLUbljUSQ7EQafL0T40kOBpwt3peM2gEfI7BmXuuAl2r8Al%2FjfdMoeZjkdIoNAdpvVnZPY47peh8BTU0jjAp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dbdd659978-FRA
expires
Sun, 20 Nov 2022 14:39:20 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 9343 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
250289
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx6IOCbbsVKx%2FvWDAX22zrBAVzjKnEw2ptT0DxXNQQYcTCt5ywXRoPuDmzH60an7bhGY6UsXSuzp5uR0%2F9FKH2iltW0tgy8euseOlZFl65M6daSuh0aG8KysunAY3RYMnFMEvIoUvaDTAEsY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dbdd699978-FRA
expires
Sun, 20 Nov 2022 14:39:20 GMT
/
partner.blau.de/a/ Frame 9343
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLL3ss28uvsCFabEuwgd7hkLkw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022111915392178690878075X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022111915392178690878075X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:21 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022111915392178690878075X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Sat, 19 Nov 2022 14:39:21 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 9343 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
246505
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BCbiLYkib8gt4Ruq7mLmG73kOcVcTJhJuWthYwCSPRDrZSXBoIuwWO3Re1Nq%2B0nq1NO24GDOBU%2BHBAe25rbfILDMiHtDA14ldYZoJVsjoFBk52zD7h3DEQ6n8inmUWaFosoKCrOjwPntJI%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dbdd649978-FRA
expires
Sun, 20 Nov 2022 14:39:20 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 9343 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247512
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjnrE559yrWAlK7ncDzk6VvyBJot%2Fvpwu2WDnP9J3D8CJrDtEbKTySMw6gc4W5zOrPWrw%2BNdHtNW2dN2NYug18fuYM2v0LOxGZsWlwzVuEH1UhOJ3%2Btf%2FcM3zwj4s28NzoNZSLr3Wt3LFoR5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dbdd639978-FRA
expires
Sun, 20 Nov 2022 14:39:20 GMT
ztpv.php
www.conrad.de/ Frame 9343
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=f44a25f0-6817-11ed-9792-223985e9a9b7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1668868761_f44a25f0-6817-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=
0
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1668868761_f44a25f0-6817-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C197100%2C14019&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=48db8ad90a56eec5212829f45fa74917%2F9166033525179076484&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760852&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtbb2q0wgpa1zpckscv1et86ms2vfyyba9meqhfv4xehx4n19bj4aa497kd07fej3h8d5r3wze89m5xdcecr7q7w7wma73qpenbe12ftn01jmedtfc1538cxt6dchyb4915dxbastdvc3zc2n3x1etjxhth78vm3geynt41bvyan015ckk841tzhxvb1t5dd8sk0xp3ychr4qs9ah3jetv4jb3xzxhkwqf7wmqnwnr4qjahwnc5zqszdpnjjs7yc9dm104twbw24ee65c8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDVjl-p4Y8HkKYnt3gOp75GIC5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QWgwSCI2HOGoODgWaD7NXlnbJbpNr4Ef1GMFYOVUdvzoU4goR-WyPENd4G0DQ-OXmY3Q_9pElwCgM5QMFWUeyffngo8y0O7p8H-aU2NqOv4gYe_ns632j4gVn5QYHshGFv95tFAiMHJWzTiIfyabVIrPeRBZh6-C_gKY_0EAqy3guxmfBVboG9D7G8Gl1hQ4GRqJ0GVidu4vkA4vTd83YVe-nq45Wew_CeAvhTzmS2wZ8Z-HFFst3geAv95h46RNeW7877ASSMXQ2ZJjwkOd3yrqW6NaVaX8o1a9DEzycEDWl6wA97U5n_u1Ncs2N9LfT81h7umQwRP5y4MXtHOGcBFDSjMgaaLYiQsfb7MiWyS8S6r8SsINjZZ9WjOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0cilyTxes_MGArRi-OqS6HftYrlQ%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
via
1.1 additional-webserver-blue-115j (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
302722151
cache-control
no-cache
cf-ray
76c9b1dde9b45b68-FRA
expires
-1

Redirect headers

Date
Sat, 19 Nov 2022 14:39:21 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1668868761_f44a25f0-6817-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
rs
ad4m.at/ Frame A5EA 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e45cadb74527369632fa8dcd138580b6583ea3eb0db9087c51b8df9f5eb60a18

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXDNFhJ7pJdGkGkk5OjctImt4svalNcV8YMqAwzMq%2B7eX0X3viBE80yUufwq9WnWKki5Mz4EZyZE2rEQTb7CL5IMmRrRyqoNdr2EIj3uPqRJoBMGAIfSQmJqRlRQlx1RMvGacjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
76c9b1dc0a3d9b74-FRA
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76c9b1dbc9959b74-FRA
content-length
24
content-type
text/plain
date
Sat, 19 Nov 2022 14:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5%2Fzh%2BsI2l2kBYGGao7Ne944fSiMDQczbaBI217B9wMbymLGy2Tzbh83QOc3La3FZWjs%2FaVGpucucG0SvAQB7oFRetJWlHI9yYIgkOaQDl%2FkvN1RJbNRsWKd3kBzV5ZZzlgXFGM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-v578
rar
as.ad4m.at/ad/ Frame 06EF 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4193d48a138a2b957393a46f06ef5f470bcb1713bbf83ae9a4ff4c9f8d5a68b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jp24mw9p742ktzhcdhqpbvyhewppp3d2aqd2f6qgwsva2mk3m3vvfhhk0na194pdb8tdtk55mzyysfydy636yftn74c43zt1ktchq14mcaxw3a1xen3bdbjyt56wnzkqywj0v9t1s8je4fqwcqzttw7sj4xgjj7s3gjyj3zzr36bfzt0ccqfkwjqfrdpyenwjnb3sb3179k5b4fncdw4dw9vckwwjv633005sh3hvdh00tbahseq538kkdftdybkkygz02y22jvzdngtye3p6x12n8b6aj51d6xjpjfkj6dxyca1xqp6e3j82xtkb100xct5s6q43zpnmmm1dhgqx26as9wwvm989m71fhptmmh3g1taad76ntbrprecs09ahk8dtqbar8nqv2meywn9r8pz27z4cb8ygrnfrb5ank4jt3xt2hva&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%26client%3Dca-pub-2697679518515886%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76c9b1dc4866bba7-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:21 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 06EF 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
249219
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76c9b1dc88edbba7-FRA
expires
0
F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
assets.ad4m.at/logo/ Frame 06EF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
849243
cf-polished
origFmt=png, origSize=11554
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3224
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Nov 2022 07:30:35 GMT
server
cloudflare
etag
"1ca6a79380ae53c080c2e12b38bdb5eb"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jcuT%2BODZoTOGZcidJXiYsRjhgOfHoT2uBvtaSfWfoA0lMXlmqh3DSIwhummgtUnmK%2B0W1imHy4fVz0z%2Bp%2Bx695zasYiTxQarY61AIeB87nmmPPkIu2uVySUj8LyYQfseKl%2Br4oP7qW27SR6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dc88efbba7-FRA
expires
Sun, 20 Nov 2022 14:39:21 GMT
43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
assets.ad4m.at/product_image/ Frame 06EF 		296 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
849243
cf-polished
origFmt=png, origSize=466926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
302728
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Nov 2022 12:39:43 GMT
server
cloudflare
etag
"45f5fed59fc1f13fbebb41146459eb81"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKsbdf5xSB4GUZ8yXB1eNppfS858aPNwGs8kRkC%2Fj5pQR4569xifY4IYid%2Fj53dA%2BLlKQ%2Fhb3%2FPHzkuhEnuFfcEoF%2F%2BBwvHyyfKT6TKj0SzRheABhTyAtqsoXssDGnWBdT6BbKCuiZ%2FUZb7U"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dc88f0bba7-FRA
expires
Sun, 20 Nov 2022 14:39:21 GMT
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 06EF 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1081770
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64Xs7Nf7RO8%2FvnPlcDBQhpfrgZjuJKcXiYTAgfo1P9UuIHN88%2BtM7zhUhuoqjA2CYeJ%2Bl2XC3W4LApmiKu%2FYFot7RXB22WOO%2B%2B4lWxXXvH0GfdkJqDuMAyG8OBy%2B12g0EwveY%2F9N7dxHoDpK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dc88f3bba7-FRA
expires
Sun, 20 Nov 2022 14:39:21 GMT
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 06EF 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2226701
cf-polished
qual=85, origFmt=jpeg, origSize=81547
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30226
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTjkGXInR1A2c7HtmjqzP6qRzt3SGZsNiyXn2hCYnEY92Kq8is0nhxHeVTnRIXpAOvxmNen35%2BSH%2FKaNMj0Sa9nsHYzcjZVgjG1QmhXJsnCmVmEpjQFvb2FgrEIVSKGwAJnZR7sIsdOJHB6P"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dc88f5bba7-FRA
expires
Sun, 20 Nov 2022 14:39:21 GMT
/
banner.congstar.de/cookie/ Frame 06EF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMvQt828uvsCFeiD_Qcd368PNQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668868761_f4596833-6817-11ed-9f2f-2266c0ccb091
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668868761_f4596833-6817-11ed-9f2f-2266c0ccb091
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:20 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Sat, 19 Nov 2022 14:39:21 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668868761_f4596833-6817-11ed-9f2f-2266c0ccb091
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 06EF 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1340541
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCMvyVFe%2BPwt%2F0ysthHrsXKU91nMKUtVv%2B93uypykS62F5woDTYNNDIlWOOdFplQa8dxfX1jb9%2Bb9zCC8mrU2Ra9eZ3Jij0aKQB6lrnmTOQVQW01MykmjZ1gsA84u1%2B89iBLUPiwhb0gxi3L"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dc88f8bba7-FRA
expires
Sun, 20 Nov 2022 14:39:21 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 06EF 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1851225
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntktUxPFPoyiaXoweQkoJE%2FwO5CpB5urIZ%2B8%2BuiaNwX4GUAyOdBHQCKYSosXirLVHGBWGnGV%2FqGZ3B%2FuTQ77yTY%2BA4QVndgeEk7VXqrJoB%2FTkxUe%2FPP5LYRjF%2Fauh6STiEc7GNs6AOE1Stcf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1dc88fcbba7-FRA
expires
Sun, 20 Nov 2022 14:39:21 GMT
cshow.php
www.awin1.com/ Frame 06EF 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSWoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.81.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-81-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:21 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame 06EF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gkyc5gg6zx5rhjarenhy3fpjkcnb9gcgmhcacz9qh44rcef2drc5q434nq5wkwtf2tsgqaxhegrchy5jkb4bj9vkst1bf1ztrs5jp287bs65d9tnswefqffetp8hythed26a0t9q6aecxx01ab7cwr1xdqsrfybk3bz325kbsb8y6p5pgpykkpfytbny88br5v1tdnshys2vncpk53fkamtp0hq94e53z9njbrwzdpwr17ad2j5b0htsqfjsfg067vf8sr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.151.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
75f22f266a5856321de543db7991249d97d32458bdd83850edf10e7e8a6ee457

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
last-modified
Sat, 19 Nov 2022 14:39:21 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 19 Nov 2022 14:40:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A84E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3473709602320748&bg=!6uml6a3NAAbvMpMzzzI7ACkAdvg8Wnxnr3_pvEfmXt9uqCDs1glxbazQAy4JF-iUilQbXWL-buagEQIAAACiUgAAAARoAQcKAJcXXyboYjHr03fLlPeermGKxl6I20tRMDqzOrN7zUBC7WH-oMMdIUJsYFKe52TcPKRzUiOMk7pIvkDMijXbfhhDiAV5j5PzDwcoeoLOguuLpnpng4UyY7ZEOVslJ-th2lTpp05ZNaxIlCKogegfhKdlyzPoRkI1WmHyvpbKjPjvFfU6uxBUwPp_5C5M0qpJFCUdfQXWgYX3mQLGjgQhPJOaWMDQPLGuq76MaxIwQ86q-zG3WK_qfSosfuVT19tCJYlx1QJtHn-S-cyFop_Zos_5cCTsCEFDbaapGAxMRfDoie0YycrLOmpbzowvHdFT1hZrJnS3GZxBl_Xc_Gkxj35Uj7lkG1xiOSx1gNcCNEBtHeyd65dg7DXs289ReY5f-Ksv7T6pcNDedSBctNn6oXPKkFLIjoXPcTPdBnUy93nEOWBqLru24QSxz06odJqnxg84g4XL7PH9OR39OTm6eDC56Gls4TlpQiujIVfSE8jkacbcbF24OUftfh0p1M8MxTLgj3a5Ez_c6VJaRFSlh6gWlG3jWL7E64iP5IFR7zi5XmKxnUyKxkBd3wIpYeEHEgI3aWEe2k1-WcPPExKio6Yj1jDc7i2bpaBn2Vwz9SwehQQaDRg6Cv4e3zA1Xmn4AbJ1gYLgZuGJvS-J9ywKNcvZx2gzuvbS693FmD_ZPSPxi1Y2plaVlFU50793TD8LKidRTPtN5WB1kH5qYrG5g_zIESpHel_wj-qtUMPhbvB597SlhxN2UXG1vhKYBDBRLCbELZApJO6gdNo1nEdLBvTJqw0ijvmAHq6gGfiZ7Ej11xHrtYrh53xNAIWT8wVkaS1Sercv1OIXGitS6zPGZYHmBTv-J5mP7oPUl_m_TS3puSW4SwSP8-EFNMT0B0n4EcGSCLdeeHcLm4jNXtH9D0VLVL1k-YPs8BoC5aktw-oS-eVcFYXCA7qsIOsFZ7xjNj8mTfc3EA1Dh7wN2ee51i_b75SVdn7MbkpGHmAKasL3NbZpt8UV1gtTPOd0h14c9F8e92yRf7Ctoaane3rXDd3z2a2Ye4D-YNW-svxv3iPSRDbGstX_eRLsE63z5G9HbKCpS8XmXvwF-C4F49EIVtV29So3sXes3owq2slw6Xk2WHujmoHXkkihZVa136FUE48
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931236&asId=b670ffae-ce0d-23cf-b229-62be520e0db5&tv=%7Bc:uqmCA5,pingTime:1,time:1096,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:81%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1096,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:81,wc:0.0.1600.1200,ac:436.1110.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~100%5D,as:%5B1026~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:98,fm:tnDZf4x+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C1a*.931236%7C1b%7C1c%7C1d,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:82,sis:146%7D&br=c
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:dbf8:cb33:6058:925d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:21 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931236&asId=b670ffae-ce0d-23cf-b229-62be520e0db5&tv=%7Bc:uqmCA6,pingTime:1,time:1097,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:81%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1097,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:81,wc:0.0.1600.1200,ac:436.1110.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~100%5D,as:%5B1026~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:98,fm:tnDZf4x+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C1a*.931236%7C1b%7C1c%7C1d,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:82,sis:146,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:dbf8:cb33:6058:925d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:21 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931236&asId=b670ffae-ce0d-23cf-b229-62be520e0db5&tv=%7Bc:uqmCA6,pingTime:1,time:1097,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:81%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1097,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:81,wc:0.0.1600.1200,ac:436.1110.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~100%5D,as:%5B1026~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:98,fm:tnDZf4x+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C1a*.931236%7C1b%7C1c%7C1d,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:82,sis:146,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: forum.killerfrogs.com
URL: https://forum.killerfrogs.com/index.php?forums/-/list
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:dbf8:cb33:6058:925d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:21 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pvClk.min.js
analytics.webgains.io/ Frame 06EF 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gkyc5gg6zx5rhjarenhy3fpjkcnb9gcgmhcacz9qh44rcef2drc5q434nq5wkwtf2tsgqaxhegrchy5jkb4bj9vkst1bf1ztrs5jp287bs65d9tnswefqffetp8hythed26a0t9q6aecxx01ab7cwr1xdqsrfybk3bz325kbsb8y6p5pgpykkpfytbny88br5v1tdnshys2vncpk53fkamtp0hq94e53z9njbrwzdpwr17ad2j5b0htsqfjsfg067vf8sr%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%252526client%25253Dca-pub-2697679518515886%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-102.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:52:38 GMT
content-encoding
gzip
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 15:47:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
71204
etag
W/"faa933973c404f8cfedacd4b67a60b85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
RVXBA38jHsy1OePe9Ar2SWi_mUTtnohrp-KUwPqNYfoTX2itJKVgtw==
1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif
cdn.track.production.webgains.team/295140/ Frame 06EF 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1668869061&Signature=P0gWeLVPBvuXLV8AULRW5gvmTQepLOD512g7lKQW0UGJzLxlEjriIMogZeVV46R~yKBcPUNwLpRQBXoZ2luxsiLmE6f6ZutYpLzPE2xRj7hvtJAbbSlnnpWivlf9pGEj4EScxGOckZB27EeHnGnFCmhtBddDnoAkbpem~e0NRI2d8SuxmNMOQaB4qf6VfaTlaECOW9VdllRBnvLL2TqU9vUgzLCZz7zouAbeN-bNLPFig3Oin4YgGPhOgz5JQ0yM9iy1Mr0Pg04DYC5952HUmKc5y0UsqPLEQtl-y0duCgo8i~Q3D3gLyZWWjSL6rkV8ILMf9mHb~OopVnR7OONxHQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=9aad53c9b038efa676beffcb7cd9e02b%2F4594299584077763252&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668868760988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hbkma41mwzjazzxee8fn0svkext5qzemew0gc1e0xy5b490wbdhz167tpymdeh9wafnc0dxgpfvs2r93ffzh17qd6a3dn1j2cc9mpn3762zk7ghj4zxrj5v4z0bs0asa96wfynfbt85dftvykcxd8jww9azs7b79xzqysvz4r263a5hmf94ypzmfr1ajpgjxpq8mmxk44ez0gr3pxvdpnv5nnxcv886qpdh5ffccz14cezbbybdqv8q7398yzext74wv3fsj2rzfcfbhaz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC817Xl-p4Y9rVKeXI3gPer5bwAZDhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODbIAQmpAnNp6beoUrE-4AIAqAMBqgSdAk_QUgrqXf9rmMmbbf0JOdwXsmKdRrkU2KWBXLn0fmhGrPHifAFFDL8r7qemHYr7WvyZxQMqvUOq4FBOHdAZ1tgvJQn1ULcNUMuJD_GEum0n-xs-HnajVlIYqlu9oWQ4SPN-vsg9NOsBeQLkXgxvZAo6WRd6NhYuRbzJ61z6pkDXPbvFIE8L5xKmLPy2BGotqkIeffv7WCtLN_h-BsW92klWbQu4szqY8O4RvSuMnKhtLj6f5jbayBzBpiv9K1S_uaD3gIRl3yUIxU8w1myoRk9G72ju60Xi2I48OKqkMos6pzMwflo4u2f6Tu4lndfQSsR6vLGbtPSPgdqtjoJPtg7hR08jenaexNKDMwSlurvD_gljI2lQviNNgaGdWOAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2uHtqp4xQTPuaQvnURGvknNEQ9KA%2526client%253Dca-pub-2697679518515886%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 18 Nov 2022 14:46:16 GMT
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified
Mon, 01 Aug 2022 11:49:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
85986
etag
"c8717f93a87217b1c114134b189e2ca0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
19052
x-amz-cf-id
qVsmIMvQ1204PqPk8z_BnU8-v8KahRD4q198-lSo9E6Qp7vUILkRBQ==
vevent
lax1-ib.adnxs-simple.com/ Frame 0049 		0
689 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lax1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=forum.killerfrogs.com&e=wqT_3QL_C2z_BQAAAwDWAAUBCJbV45sGELWvuPmjm9XRcxj_EQF8ASo2CcL1KFyPwtU_EVmGONbFbdA_GQAAAKBwPR1AIVoNEgQpww0k2DEAAADgehTyPzC25NUMOLMZQNgISAJQ1-D8vAFYxdKJAWAAaMqOoQF4zuUDgAEBigEDVVNEkgEBBuCYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA0NTc5Nzk4LCAwKTsBFCxpJywgNzY4ODIxMywRFCxnJywgMTkyMDUyMzUVFSxjJywgNTQxNzEzNDIVFTByJywgMzk2MzA4NTY3BRbwkJICqQUhUTRuZF9nak9yZW9aRU5mZ19Md0JHQUFneGRLSkFUQUJPQUJBQUVqWUNGQzI1TlVNV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QWVlbzRoS1F3dFVfd1FIbnFPSVNrTUxWUDhrQkFBQUFBQUFBOERfWkFRQUEFD3RQQV80QUdWb05VRDlRSEQ5VEJBbUFJQW9BSUN0UUkFIwB2DQjwvHdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTU9DTHVreVNZUUJCZ0JMUkFkZnptaUF4TUlrYW5ESlJBS0dBRXR0UGFFUHpJRGRXNXJ1Z01KVEVGWU1UbzFPVFl3NEFQbEw0QUU0ZE8wQ1lnRTR0TzBDWkFFQUpnRUJMSUVDZ2pSaGVFTUVNX1VvUTJ5QkFvSTA1TGFEQkRQMUtFTnVnUWFDSVVFRVFBQUFBQUFBTkFfRxEMWEFBQUlLZjE1UTY2QkJvSW5na1JtcG1aAQIMeVQ4WgEgDQEwZzBZWGhETUVFemN6TQECEDNEX0pCDR0BARQyQVFBOFEuWQAYZ0Z5QzZwQhETFFBBX3NRVQErCQEITUVGCQkBAQRESi4oAAAwLigABE5rFSjIOERfZ0JkQ0pBdkFGODVpVUNmZ0Yxc09YQW9JR0ExVlRSSWdHQkpBR0FaZ0dBS0VHQUFBBQIsQkVDb0JnU3lCaVFKBREJAQBSCQcFAS7sAABoBRIFAURDNEJnby6aApkBIUtoaFpFQWo2rQIsTVhTaVFFZ0FDZ0FNEelUQVJBT2dsTVFWZ3hPalU1TmpCQTVTORV5CDhEOR15AEIdeQhCaHo1XQQ5cAWABQEEQngFBwUBQWgAazV48LY4RDgusgIBMNgCpEPgAur5JeoCFWZvcnVtLmtpbGxlcmZyb2dzLmNvbYADAYgDAJADAJgDFKADAaoDAMADrALIAwDYA_uJBuADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECjgxLjk1LjUuMzCoBM9NsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMTExMiNMQVgxOjU5NjDaBAIIAeAEAPAE1-D8vAGIBQGYBQCgBf____-F_dABqgUqYmE3ZTQ5NTEtYjEzNi00OTMwLThiOWYtZDU2ZmM5Njk4NThkfjg4M34xwAUAyQUAAAECFPA_0gUJCQEKAQEs2AUB4AUB8AUF-gUEAZkokAYAmAYAuAYAwQYBHzAAAPA_0Aa_A9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSA3hLLoGQADIB87lA9IHDRV0ATgI2gcGCSdg4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=eb45237a3524c1e81d594b90bdf7665041cfb3a5&type=pv&jm=1003&px=436&py=1110&bw=728&bh=90&sf=1&sid=2701049331934954130&vd=ct~0|rr~6&sv=230&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=26571318&cid=3&cr=pv&ft=2
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/230/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:21 GMT
AN-X-Request-Uuid
cd17efb1-7c1b-4789-bf37-e483942a4e24
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forum.killerfrogs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container-1.0.html
resources.infolinks.com/static/ Frame 08F0 		430 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-1.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11222
cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
76c9b1de8fed907c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 14:39:21 GMT
expires
Mon, 19 Dec 2022 11:32:19 GMT
last-modified
Wed, 17 Nov 2021 13:25:02 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a5d0c1b41bfaf120c4ed4c48a4aa7c8135683f024116284ceba639ca8bacb64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11122
x-xss-protection
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 08F0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=3c3bf43e-8b06-4863-b480-ae03b21d0779=&partner_id=3337
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=3c3bf43e-8b06-4863-b480-ae03b21d0779=&partner_id=3337
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=3c3bf43e-8b06-4863-b480-ae03b21d0779=&partner_id=3337
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 19 Nov 2022 14:39:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=3c3bf43e-8b06-4863-b480-ae03b21d0779=&partner_id=3337
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 14:39:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4DFF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1661
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:11:40 GMT
expires
Sun, 19 Nov 2023 14:11:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A57B 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2b2f2addeef3a1b86a3595d64d2a203fd308d77cd6fa3fc03094e4f67f7e2c5b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b4JoMNH1RR3fpBwFdGPTcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-b4JoMNH1RR3fpBwFdGPTcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:21 GMT
expires
Sat, 19 Nov 2022 14:39:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 4DFF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 12:06:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A57B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1484167545845524&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4DFF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Leh4NA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=360095&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=360095&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8e91b1c7-9317-180b-82bb3403
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8e91b1c7-9317-180b-82bb3403
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sat, 19 Nov 2022 14:39:22 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8e91b1c7-9317-180b-82bb3403
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTU0NjMzMEMtMzIxNi00ODUwLUJDNzktQTgzRDRBNDMxQjY2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECqpIReggPgQlL2pVMb9eiY&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668868761772
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8155244655
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8155244655
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:21 GMT
etag
RX655470eff2744586b1d3efae73e43677003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8155244655
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D10141%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&cbimg=10141&uid=1052156515884976696
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&cbimg=10141&uid=1052156515884976696
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:21 GMT
AN-X-Request-Uuid
e59efa5c-4fd0-45af-8847-90fc1006e0a6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&cbimg=10141&uid=1052156515884976696
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=http%3A%2F%2Flocalhost%3A8282%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 19 Nov 2022 14:39:21 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1052156515884976696
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1052156515884976696
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:21 GMT
AN-X-Request-Uuid
21c341c0-8e98-434c-abc1-db1bad5849b8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=1052156515884976696
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforum.killerfrogs.com%2F&domain=forum.killerfrogs.com&bundle=3N9mcV94UmpSMVFBbE5Gd21PaG1KM080JTJGM2I2JTJGWXBpdDd3Qk5XcGpCcmxkMSUyQnEwMGRiOSUyQm8lMkZKTnhmMVFQajh6TjVhZ2NBclZUMVlSWU04SEtMV3QzVFBrc2hQUUlxbm1kTmZVaWh3QXJEemFMMGFNVm5nRk5LdVh6dmVtbVlURnlWdDFNUWdlRmglMkJIekl5ekUlMkJ6ZUl5JTJCUjRBJTNEJTNE&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://forum.killerfrogs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 19 Nov 2022 14:39:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
645733
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame A84E 		49 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001si6JdAAI&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame A84E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforum.killerfrogs.com%2F&domain=forum.killerfrogs.com&bundle=3N9mcV94UmpSMVFBbE5Gd21PaG1KM080JTJGM2I2JTJGWXBpdDd3Qk5XcGpCcmxkMSUyQ...
  • https://mug.criteo.com/sid?cpp=0ZYlgHx4bHdOS1JSVnhsWVluMGp0SDEyREEvOTlUQStJTFlpa3RZZTFXZlIwdEkzN01INlM0ell6MC9SdHNNWDVWdnRjOTFObUcyeHRyeGxNQ00vSjlPaFNpdkF5MHc1c0ZNdy9BY2NsL2xwYkJxTVRXNHFDbUN5cUNBQ3...
456 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0ZYlgHx4bHdOS1JSVnhsWVluMGp0SDEyREEvOTlUQStJTFlpa3RZZTFXZlIwdEkzN01INlM0ell6MC9SdHNNWDVWdnRjOTFObUcyeHRyeGxNQ00vSjlPaFNpdkF5MHc1c0ZNdy9BY2NsL2xwYkJxTVRXNHFDbUN5cUNBQ3pBTTZWOUR3K2FCMWpUTFFkM0g2NThmRGpnM2IxMXl3alN5Qk5tMm80UHNlZlU0bytaeEhwTUREMkpTYnQ3azVKTEJZaEE3WnFwSWc4aG12UU5CaUV1YkpSeVRnL25CU0xMZ0lSSFRtSEhQWFNCT1BQZXBYdGRVS3Z0ekZJYW9MSmxkMzd2ZE4yemdOUE1kaEtjWXFUS2w2UXJHNmxTZTJnQUlpLzdFS1ZPTk0rYll6ampsVT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
94490c6d1ebae67d5678066fbbae4bd58b48698ac541213e5a93a099c05146d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:21 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1039348
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=0ZYlgHx4bHdOS1JSVnhsWVluMGp0SDEyREEvOTlUQStJTFlpa3RZZTFXZlIwdEkzN01INlM0ell6MC9SdHNNWDVWdnRjOTFObUcyeHRyeGxNQ00vSjlPaFNpdkF5MHc1c0ZNdy9BY2NsL2xwYkJxTVRXNHFDbUN5cUNBQ3pBTTZWOUR3K2FCMWpUTFFkM0g2NThmRGpnM2IxMXl3alN5Qk5tMm80UHNlZlU0bytaeEhwTUREMkpTYnQ3azVKTEJZaEE3WnFwSWc4aG12UU5CaUV1YkpSeVRnL25CU0xMZ0lSSFRtSEhQWFNCT1BQZXBYdGRVS3Z0ekZJYW9MSmxkMzd2ZE4yemdOUE1kaEtjWXFUS2w2UXJHNmxTZTJnQUlpLzdFS1ZPTk0rYll6ampsVT18&cppv=2
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
723535
content-length
0
expires
0
944.json
id5-sync.com/g/v2/ Frame A84E 		216 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
c218a8d287503973864fdf4f8733856a3a561ab0902bd1fead6038183267533f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame A84E 		0
0
rid
match.adsrvr.org/track/ Frame A84E 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
66274949904b8e2375d746387aae4e4ce2838e50cfed6ed7bd2f2b63412f206c

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:21 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 19 Dec 2022 14:39:21 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0ZYlgHx4bHdOS1JSVnhsWVluMGp0SDEyREEvOTlUQStJTFlpa3RZZTFXZlIwdEkzN01INlM0ell6MC9SdHNNWDVWdnRjOTFObUcyeHRyeGxNQ00vSjlPaFNpdkF5MHc1c0ZNdy9BY2NsL2xwYkJxTVRXNHFDbUN5cUNBQ3pBTTZWOUR3K2FCMWpUTFFkM0g2NThmRGpnM2IxMXl3alN5Qk5tMm80UHNlZlU0bytaeEhwTUREMkpTYnQ3azVKTEJZaEE3WnFwSWc4aG12UU5CaUV1YkpSeVRnL25CU0xMZ0lSSFRtSEhQWFNCT1BQZXBYdGRVS3Z0ekZJYW9MSmxkMzd2ZE4yemdOUE1kaEtjWXFUS2w2UXJHNmxTZTJnQUlpLzdFS1ZPTk0rYll6ampsVT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 19 Nov 2022 14:39:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
230962
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
tracking-event
api.webgains.io/ Frame 06EF 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.155.214 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-155-214.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.155.214 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-155-214.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 19 Nov 2022 14:39:22 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1484167545845524&bg=!paalpuLNAAbvMpMzzzI7ACkAdvg8WgjRx2y_Tz8kYjyqE5q7-EQ6wXwklBX5Sq77XEJTYgutnru6vgIAAABLUgAAAAJoAQcKAO0DmnMbsSFVqsvQdad33YHd2EFQi5mW2MxuPp-ZiU6UKUtxjh1GKtbxPJPCaMURz8nN1MJxxgsMIDt_tfT9i8ZKpYZsfwDvDxWHoSRNmcoJPL6avFenhQ_40AfGMYSoSrPzJOZKRnilIU5epTj6zN1VpxF34O6ZAES3iSx8ww2GgMfbb2qXWrZsKuDNtb4aBV8g-Yqy4Pm6om-Mud_mg9PTeLPcSsL0aN_7v5kJcCd0PAxNzgYiZ1q8Nk5ykrmdWgj5kJPb95ep5yc1xGuNhHHprlGDOXHgzpd35jPjuaeAdZ41tN2Bted58uaz6-yZAqwI_loZHLfhNtG3CoDo-Tz3pU1K47oStZYhlSjZaEZdlwJym5l0Qu3SVMLmD_O6FsUk3epB2dD9v3BuTpdvPrujQjX2eCt16hUo5f4MGa2JoHvuakAeX2ohHamXz8W4TRijUkfVeCL5CB4dVSwR_umN-e-QWxEfFB6h8ak8C9e9Zg2U9QGUy0ChraTp2Po8rEfQzccPIZuksD9XG8qOdxl91sUMNZQrdXQCcvva8aughb4zt7JSekiO3U2QSkj_HufsOS2902t5bulV0nrNvwEHxvtRwoD53NjUlfhUvi8ELF0KuZqhu5RgnbPwO6ukAYHFHJC_i7iZP6Zep5fSGAMUV2NaTVvSMKOUQfcx5AindO8Bdb4iq3H0QsUlhSns6S5IQVuxsbhl4ffn2DE5NOGYX3cU5JLH2IeyEj_u11AXar8qdcqyjdmOdmmoFuC-REgoBq8Y8szp1GCox3p8UnXEfYHB4QG1MVlDXT4FL_D6OtG7vOdH-HK_OL9-EXmXr1tCXyUkc90PiRengWuqvxn5fp_H-hSzdQHw4nZlkwZm3cG7mCihyu1wSYW8IgsJ42RsJzEnqUh6VTqlpate3zDVOeFgc57vYbTcmqRkVJot0Un_qX0b6alZ64v93SWwRV3CbdDblPUUXJwiz-xbtpU_3d4D2gz8gmsV41nXxKF64utm4gS9vgPH9dQwTzCaSITJKzKp1SaE-8N9bKHdk0G4FXbuPuQEd6BmyzGNSAt8fwsRVCcTB-F5NKu1adqXje9j5naON1UfLhInIvphaeOdTSBGjzvnTayZfgS0dm7ZqArO5q93M6JojrMg8BXN9d_zAOYZpuQMJ-XaPpCPecDLuNnakSCkxm2q_7TrmXs5LqvM8tpayr3h4lueTHzM1CmrKaNJHcUhYE59heE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
fed
ups.analytics.yahoo.com/ups/58596/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58596/fed?1p=0&he=&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58596
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://forum.killerfrogs.com
content-type
application/json
access-control-allow-credentials
true
content-length
0
369.json
id5-sync.com/g/v2/ 		216 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
1e5312ba169a8b2f3900496eb27f99c50f2897ad3892009a5f71c15f055eb7f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
d5fbf068765661cdee7aa2e8bf732ba2dbae53d5e2b91b40a083777ba83a9ea0

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 19 Dec 2022 14:39:22 GMT
generic
match.adsrvr.org/track/cmf/ Frame FACA
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=9db56c19-4744-4b76-a4d4-21e5bdcd926d&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5782922661
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5782922661
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 14:39:22 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 19 Nov 2022 14:39:22 GMT
etag
RX655470eff2744586b1d3efae73e43677003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5782922661
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
rubicon
ex.ingage.tech/v1/syncPage/ Frame 4D76 		951 B
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=9db56c19-4744-4b76-a4d4-21e5bdcd926d&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
76c9b1e67ef99299-FRA
content-encoding
gzip
content-type
text/html
date
Sat, 19 Nov 2022 14:39:22 GMT
server
cloudflare
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB37 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=38614
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 14:39:22 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 20 Nov 2022 01:22:56 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 6259 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 19 Nov 2022 14:39:22 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
9db56c19-4744-4b76-a4d4-21e5bdcd926d
ex.ingage.tech/v1/sync/betweenx/ Frame A10B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D%24%7BUSER_ID%7D&crf=1
  • https://ex.ingage.tech/v1/sync/betweenx/9db56c19-4744-4b76-a4d4-21e5bdcd926d?uid=23203a1f-f110-5243-aa60-5782c918bd18
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/betweenx/9db56c19-4744-4b76-a4d4-21e5bdcd926d?uid=23203a1f-f110-5243-aa60-5782c918bd18
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
76c9b1e92b359299-FRA
date
Sat, 19 Nov 2022 14:39:23 GMT
server
cloudflare
vary
Origin

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://ex.ingage.tech/v1/sync/betweenx/9db56c19-4744-4b76-a4d4-21e5bdcd926d?uid=23203a1f-f110-5243-aa60-5782c918bd18
usync.html
eus.rubiconproject.com/ Frame B54A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Nov 2022 14:39:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 782F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
server
33XP018
x-33x-status
2000208
usermatch
ssum-sec.casalemedia.com/ Frame 6AA5 		2 KB
929 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5f1839e925b6493f42107babea5d979596e28708987a643fa5ad9c05e966f0a

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76c9b1e69f269299-FRA
content-encoding
br
content-type
text/html
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p8geqjtkvo6WO1PzhMFE7oF3yTbJKlcYqb8gqKo5JtvhlE7DOQgqI6cOXlTieJmAok4cEA4WMnQJFt4da%2FEKbF29DwHIaRWdXJRgitC5FYjFUA4H9V46fdfZhh4MT4KZCpoAR%2BXPLIJmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 4C04 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.29.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFA) /
Resource Hash
6619c3c9eaf6738dc2e1921e0682e82f4a5b0ac44a6b33d89812f576bc31ab41

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
230
cache-control
max-age=900
content-encoding
gzip
content-length
7250
content-md5
lcpePTe6AerpIQfSuw35Lg==
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
etag
a24e35b4-9daf-4886-8cb8-e752aec17db7
expires
Sat, 19 Nov 2022 14:54:22 GMT
last-modified
Thu, 25 Aug 2022 17:39:51 GMT
opc-request-id
iad-1:Yu_mnuMFI7amy1c8sesiYl4Dy2xGvibhbAp6hBOOd3P7j5FuiuZZLApOa1uPrDQB
server
ECAcc (frc/4CFA)
storage-tier
Standard
vary
Accept-Encoding
version-id
47726d7f-1be6-4a83-a43b-588c3e43b197
x-api-id
native
x-cache
HIT
/
sync.aralego.com/idSync/ Frame A30F 		35 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DUCFUID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
35
Content-Type
image/gif
Date
Sat, 19 Nov 2022 14:39:22 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 7AC8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
478
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76c9b1e66e4f9954-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
Sat, 19 Nov 2022 18:39:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D0AB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
35812
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 19 Nov 2022 14:39:22 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
60, 440866
X-Served-By
cache-lga13626-LGA, cache-hhn4062-HHN
X-Timer
S1668868763.701412,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8BE4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/77e4a266-5c73-4bbf-a4bc-eb987e1853a4/55354bb3-7aa2-429e-86a4-fbc34c21b197.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=38614
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 14:39:22 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 20 Nov 2022 01:22:56 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
PugMaster
image6.pubmatic.com/AdServer/ Frame FB37 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16647331&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f157fd166368c456707fa1f2eef15c16f0a2fcd7d88201293ff1b48de657a9a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 14:39:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 893B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 807A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1271606574105065392
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1271606574105065392
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1271606574105065392
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame B562
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76556378-ea9b-4200-a08d-76085ccc2d72&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76556378-ea9b-4200-a08d-76085ccc2d72&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 19 Nov 2022 14:39:23 GMT
Expires
Sat, 19 Nov 2022 14:39:22 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master hkg-pixel-x18 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:76556378-ea9b-4200-a08d-76085ccc2d72&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 9F04
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
Sat, 19 Nov 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1739174
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6F5C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 14:39:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
A0TPFB7PR3SE3R0QW5G6

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 14:39:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
T63ZRJYVBCHAX6D557H8
Pug
simage2.pubmatic.com/AdServer/ Frame A11E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1052156515884976696&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1052156515884976696&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
4a802afd-4ddf-4b06-939e-e09516731874
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Nov 2022 14:39:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1052156515884976696&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 8234
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD
42 B
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 55AF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167736754130253974&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167736754130253974&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 19 Nov 2022 14:39:22 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167736754130253974&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
adx
match.prod.bidr.io/cookie-sync/ Frame E980
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFVjAwN0c4ZFVBQUNDdGVxTFZEZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.190.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-190-42.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
gunicorn
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame FE8F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8FN6kpJPR7FLbGHFL4tMdVFfBSY
42 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8FN6kpJPR7FLbGHFL4tMdVFfBSY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Nov 2022 14:39:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=8FN6kpJPR7FLbGHFL4tMdVFfBSY
Pug
simage2.pubmatic.com/AdServer/ Frame 8E7C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3jqmgAJTN8wLgAO&gdpr=0&gdpr_consent=&_test=Y3jqmgAJTN8wLgAO
1 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3jqmgAJTN8wLgAO&gdpr=0&gdpr_consent=&_test=Y3jqmgAJTN8wLgAO
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 19 Nov 2022 14:39:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3jqmgAJTN8wLgAO&gdpr=0&gdpr_consent=&_test=Y3jqmgAJTN8wLgAO
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4083-HHN
x-timer
S1668868763.833832,VS0,VE0
/
csync.loopme.me/ Frame 5A71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame 33FF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76c9b1e84b5ebb5f-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76c9b1e7188ebb5f-FRA
content-type
text/html
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
973
pub
matching.truffle.bid/sync/ Frame F89A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame B640 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 19 Nov 2022 14:39:22 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-ac51bac19c4d@version_1.530v3
X-core-time
0ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame FA84
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2168101935
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2168101935
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 19 Nov 2022 14:39:22 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 19 Nov 2022 14:39:22 GMT
etag
RX655470eff2744586b1d3efae73e43677003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2168101935
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/ Frame F3B5
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRVgnXVhVahbjjYUa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.20.99

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRVgnXVhVahbjjYUa
cm
ipac.ctnsnet.com/int/ Frame EC46 		43 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 19 Nov 2022 14:39:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
bridge
cm.adgrx.com/ Frame 0A85 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
Pug
simage2.pubmatic.com/AdServer/ Frame A476
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QjnGoXSM1OWp045&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QjnGoXSM1OWp045&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 19 Nov 2022 14:39:22 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QjnGoXSM1OWp045&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
9db56c19-4744-4b76-a4d4-21e5bdcd926d
ex.ingage.tech/v1/sync/pubmatic/ Frame 35F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/pubmatic/9db56c19-4744-4b76-a4d4-21e5bdcd926d?uid=A546330C-3216-4850-BC79-A83D4A431B66
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
76c9b1e6ff9f9299-FRA
date
Sat, 19 Nov 2022 14:39:22 GMT
server
cloudflare
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pUYzDDIWSFC8eag9SkMbZg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=38614
accept-ranges
bytes
content-length
5549
expires
Sun, 20 Nov 2022 01:22:56 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame FB37
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c1ee6378-ea9b-4700-813f-2c86c87637e3
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c1ee6378-ea9b-4700-813f-2c86c87637e3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 19 Nov 2022 14:39:23 GMT
Server
MT3 169 32252b7 master hkg-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c1ee6378-ea9b-4700-813f-2c86c87637e3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Nov 2022 14:39:22 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/ Frame FB37
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9444b6c175d68b73d2f124129ec9d0c9&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.69
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
pubmatic
um.simpli.fi/ Frame FB37 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 18 Nov 2022 14:39:22 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FB37
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3973753479677356042
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3973753479677356042
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3973753479677356042
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame FB37 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FB37
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=35d28012-38f3-4aa7-a9f0-037c929d7131&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f9f9fa38-119c-49e9-8f33-1f92795c8b6b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f9f9fa38-119c-49e9-8f33-1f92795c8b6b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f9f9fa38-119c-49e9-8f33-1f92795c8b6b&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
A546330C-3216-4850-BC79-A83D4A431B66
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FB37 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A546330C-3216-4850-BC79-A83D4A431B66?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:9b7c:1499:54cd:6891 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame FB37
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A546330C-3216-4850-BC79-A83D4A431B66&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CC0VhJVE2uXzEY2P8oipGvC_2.IbPGU-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CC0VhJVE2uXzEY2P8oipGvC_2.IbPGU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CC0VhJVE2uXzEY2P8oipGvC_2.IbPGU-~A&gdpr=0&gdpr_consent=
date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame FB37 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame FB37 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FB37
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3701077014634676759&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3701077014634676759&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3701077014634676759&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FB37
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1ebdc6e8-b3e5-4608-8c90-56d06b958a56&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1ebdc6e8-b3e5-4608-8c90-56d06b958a56&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1ebdc6e8-b3e5-4608-8c90-56d06b958a56&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame FB37
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1052156515884976696
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1052156515884976696
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
AN-X-Request-Uuid
5b217120-699c-44c9-bf68-19a05e86db8a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1052156515884976696
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B54A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:22 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Nov 2022 05:41:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54056
Connection
keep-alive
Content-Length
10066
Expires
Sun, 20 Nov 2022 05:40:18 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 876E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e908652583795c12e861464649916d74e5f2af1659eda734bbf56bcc7f4b6027

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76c9b1e6ffa89299-FRA
content-encoding
br
content-type
text/html
date
Sat, 19 Nov 2022 14:39:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Fk0d3kzPMbyCpXfSDTlsSAyEXWnlJIaCmBHsByNicbWixRce7jqPI84JwuI9kMU%2FQ0ybwHVNxAoq%2FUyh4EpD6A7UsXf3Mkx8%2BJQ4JFetJfFqnPFtoPhjaa0zXNakYlOFuTx7odCrSFu9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame D0AB 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
AN-X-Request-Uuid
5ca1bf7a-f2b2-418d-beff-7978b895fb68
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 876E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:9b7c:1499:54cd:6891 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 876E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3jqmgAJOiEFcQA7
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3jqmgAJOiEFcQA7&_test=Y3jqmgAJOiEFcQA7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3jqmgAJOiEFcQA7&_test=Y3jqmgAJOiEFcQA7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn4083-HHN
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668868763.873254,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3jqmgAJOiEFcQA7&_test=Y3jqmgAJOiEFcQA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 876E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3773134608672604695
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3773134608672604695
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3773134608672604695
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 876E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=068b6378-ea9b-4300-89c0-73b499017194
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=068b6378-ea9b-4300-89c0-73b499017194
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 19 Nov 2022 14:39:23 GMT
Server
MT3 169 32252b7 master hkg-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=068b6378-ea9b-4300-89c0-73b499017194
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Nov 2022 14:39:22 GMT
crum
dsum-sec.casalemedia.com/ Frame 876E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=33C3A85ED9DD44C0ADCBF5960E8FE321
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=33C3A85ED9DD44C0ADCBF5960E8FE321
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=33C3A85ED9DD44C0ADCBF5960E8FE321
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 18 Nov 2022 14:39:22 GMT
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 876E 		0
0
crum
dsum-sec.casalemedia.com/ Frame 876E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1052156515884976696
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1052156515884976696
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
AN-X-Request-Uuid
2004a791-e34d-45bd-bb1e-297661555ccc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1052156515884976696
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 876E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB0PzPo2zod_UrAMtgcTznM&google_cver=1
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB0PzPo2zod_UrAMtgcTznM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5dz6QNsik0EhdC%2BH7DcclMe3JL0kC%2BbMtYApCh6%2FyFaSRTlQ6EWuUO6IfDQQ9lSnhgEeHbiDcPt5OthGeONK6zLkmHSZ0N%2BqKbwX07zQeF0HMr02K8346%2BFBXmJ2JkmdlJdjw4NshjNAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76c9b1e79a489be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB0PzPo2zod_UrAMtgcTznM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 876E 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y3jqmXWi6NIqbBBRN6Ty8gAA%261109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fforum.killerfrogs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
58049
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c9b1e79aae9bc5-FRA
content-length
43
expires
Sun, 20 Nov 2022 14:39:22 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6AA5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 6AA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB0PzPo2zod_UrAMtgcTznM&google_cver=1
43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB0PzPo2zod_UrAMtgcTznM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJXp%2FHb99VtTBokfsQJwOKKgJqktkea4%2BWRuSkS3hXPKfmRJQfbXfrMD7IRzT0G%2FOFX6%2FvK%2B4aIGPt5hKdTIPK%2BnMcXmP6auyBZMiGxObT0K4TMDWAr7RyG9oIdNzgGI%2FWFvamyQBin87g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76c9b1e79a4b9be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB0PzPo2zod_UrAMtgcTznM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6AA5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3WE0X97D2EA19G5469JD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SVR8PP6815JKF59B327S
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6AA5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3jqmXWi6NIqbBBRN6Ty8gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJRagkgsRsev8T1ighdqhfg&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJRagkgsRsev8T1ighdqhfg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJRagkgsRsev8T1ighdqhfg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6AA5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1052156515884976696
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1052156515884976696
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
AN-X-Request-Uuid
900b516f-4edb-4adc-b50f-4b43bf622736
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1052156515884976696
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 6AA5 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.190.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-190-42.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 6AA5 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-7
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 6AA5 		0
0
9db56c19-4744-4b76-a4d4-21e5bdcd926d
ex.ingage.tech/v1/sync/ix/ Frame 6AA5 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/9db56c19-4744-4b76-a4d4-21e5bdcd926d?uid=Y3jqmXWi6NIqbBBRN6Ty8gAABFUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76c9b1e7788b9299-FRA
vary
Origin
usync.html
eus.rubiconproject.com/ Frame 4D76
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=9db56c19-4744-4b76-a4d4-21e5bdcd926d&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=9db56c19-4744-4b76-a4d4-21e5bdcd926d&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Nov 2022 14:39:22 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 19 Nov 2022 14:39:22 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
setuid
px.ads.linkedin.com/ Frame B54A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAO1DB6O-1L-EF9Z
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAO1DB6O-1L-EF9Z
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 15B749258449484286981BAAA35E5242 Ref B: DUS30EDGE0908 Ref C: 2022-11-19T14:39:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXt08nNIoI8tmH4D3HA6g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAO1DB6O-1L-EF9Z
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B54A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LZ6GYuYARsSiaciTf80nCA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LZ6GYuYARsSiaciTf80nCA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LZ6GYuYARsSiaciTf80nCA
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7J52B53HVHRX0WFQAWR2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LZ6GYuYARsSiaciTf80nCA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame B54A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame B54A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FT6912FXNSQPN68MHKC7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B54A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPMURCNk8tMUwtRUY5Wg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPMURCNk8tMUwtRUY5Wg==
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPMURCNk8tMUwtRUY5Wg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B54A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI1MDU0NTZlNjYxNDRlOGUyNmJjMDBjM2ZhNTEyZWYwZTE0ZWFmNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI1MDU0NTZlNjYxNDRlOGUyNmJjMDBjM2ZhNTEyZWYwZTE0ZWFmNw
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI1MDU0NTZlNjYxNDRlOGUyNmJjMDBjM2ZhNTEyZWYwZTE0ZWFmNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B54A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH6FnsxJ4qCDM48aiUrLwmU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH6FnsxJ4qCDM48aiUrLwmU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH6FnsxJ4qCDM48aiUrLwmU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B54A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-fzRQlk1L9pyYLUP9wRc1sn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5803750675947982385
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5803750675947982385
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 19 Nov 2022 14:39:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5803750675947982385
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4D76 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:22 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Nov 2022 05:41:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54056
Connection
keep-alive
Content-Length
10066
Expires
Sun, 20 Nov 2022 05:40:18 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4D76 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=LAO1DB6O-1L-EF9Z
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
id.a-mx.com/sync/ Frame A84E 		94 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://forum.killerfrogs.com/index.php?forums/-/list&u=https://forum.killerfrogs.com/index.php?forums/-/list&v=6.25.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 14:39:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3n3yV3bwYgJUAbnlR9ovXXb%2F3TqtaSd6pqzNBx16TCc7Mi4V91zJhSEZmlTvN7rdBCDs9VBUqXbcehqwLHjDnc94EF9929NWHh%2FH13HK54Se4JMdktQzicyF5MXjwD7U%2BM642EBijw1yA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
76c9b1eaaa7cbbb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f
fid.agkn.com/ Frame A84E 		0
0
pd
u.openx.net/w/1.0/ Frame 697E 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 19 Nov 2022 14:39:23 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame 6F59 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13395636
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sat, 19 Nov 2022 14:39:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
/
ssc-cms.33across.com/ps/ Frame 7064 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a5AaH8kr4r64m5aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Nov 2022 14:39:23 GMT
server
33XP004
x-33x-status
2000208
async_usersync.html
acdn.adnxs.com/dmp/ Frame EEE3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
35813
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 19 Nov 2022 14:39:23 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
60, 440876
X-Served-By
cache-lga13626-LGA, cache-hhn4062-HHN
X-Timer
S1668868763.264041,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame CB79 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Nov 2022 14:39:23 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 406A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=38613
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 14:39:23 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 20 Nov 2022 01:22:56 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 3C74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668868760130
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13437/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://forum.killerfrogs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync
ib.adnxs.com/ Frame EEE3 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:23 GMT
AN-X-Request-Uuid
9c7d11ce-e1b5-4d1b-be4d-5e3d7ee9b8f6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame CB79 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Nov 2022 05:41:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54055
Connection
keep-alive
Content-Length
10066
Expires
Sun, 20 Nov 2022 05:40:18 GMT
event.png
tpsc-eu3.doubleverify.com/ Frame 574F 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=08a2051853af490c9359440c56a1bdbd&flavor=0&gdpr=&gdpr_consent=&vdur=145&eoid=11&msrjs=3196&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=73&tetms=6&msltms=17&vltms=145&sei=290&vetms=32&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=29&isumms=28&nvr=6&elmtp=6&isbxdms=2236&b11=2434&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2434&sftb=2434&msrdp=1&naral=192&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=931&isuiabvms=931&ispmxpms=931&engalms=27&dvp_hdnAd=0&dvp_dpr=1&ttfurm=3198&cbust=1668868763496987
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3196.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:23 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/18/2022 14:39:23
async_usersync
ib.adnxs.com/ Frame D0AB 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:23 GMT
AN-X-Request-Uuid
053c01c8-f424-4480-90db-d1228e5bf853
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
f9d09da6-64e2-45fc-863c-d98297c31dd8.js
product.instiengage.com/ceu-code/ Frame DE54 		369 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/f9d09da6-64e2-45fc-863c-d98297c31dd8.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/77e4a266-5c73-4bbf-a4bc-eb987e1853a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa6c408908fd20d1316cb0cf1c506c1bee9caad097acb95c7f6fd7058d95c77f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
LHAO169nOsUlI0Sf2VquZmjk8O_Q1O6X
content-encoding
br
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
date
Sat, 19 Nov 2022 14:39:25 GMT
last-modified
Tue, 04 Oct 2022 16:28:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"2f5d080a29068424d27f79b201eb183f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600,public
x-amz-cf-id
JxBlcVc6c9Pzy75weFJWi6rNjOt2iHS5m5RxwtpZVHauIkV9nwbu-Q==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1758097621&t=pageview&_s=1&dl=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&dp=%2F77e4a266-5c73-4bbf-a4bc-eb987e1853a4&ul=en-us&de=UTF-8&dt=Forum%20list%20%7C%20KillerFrogs.com%20-%20Lowering%20Office%20Productivity%20since%201997&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1640946213&gjid=1680572233&cid=1373169964.1668868758&tid=UA-123718506-11&_gid=1408374931.1668868758&_r=1&_slc=1&z=1290081124
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame DE54 		230 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/f9d09da6-64e2-45fc-863c-d98297c31dd8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.228.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-228-225.compute-1.amazonaws.com
Software
/
Resource Hash
2f942c9fa45691562cd4059c8d220e456ff103207239f804ac09834539387779

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:24 GMT
access-control-allow-credentials
true
x-database-date
Fri, 18 Nov 2022 20:51:31 GMT
content-length
230
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame DE54 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9a00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
T2IjPTIo4qchLnC2G3GrIcEa98kcWaxz
date
Sat, 19 Nov 2022 14:39:24 GMT
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
last-modified
Wed, 13 Jul 2022 16:30:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
3
etag
"591958545714b5567fc57c2f4c215b1c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
REPLICA
accept-ranges
bytes
content-length
3973
x-amz-cf-id
FN7oyzWuIb3mA8k9b613qR8DYb5r5abnOVYcLMfLN1n656fcevfz2w==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame DE54 		649 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9a00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
date
Sat, 19 Nov 2022 14:36:40 GMT
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
170
etag
"b673377b664a0b33454c267d911fcfc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
649
x-amz-cf-id
g996ubJURGYg1DF95I_2iFE4wJoLiF7L_Cn94YdAi8SNrJ3SqpfnZQ==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame DE54 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9a00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
date
Sat, 19 Nov 2022 14:38:24 GMT
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
66
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4833
x-amz-cf-id
jZ8QvwwgO7aoiDha7HfyP_YfVnNCEz0Z1wi6PrBYoZJZ5wGUIQDSvg==
contents
cms.instiengage.com/v3/ Frame DE54 		17 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=f9d09da6-64e2-45fc-863c-d98297c31dd8&cookie_id=null&content_order=ORDERED&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/f9d09da6-64e2-45fc-863c-d98297c31dd8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.58.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-58-71.compute-1.amazonaws.com
Software
/
Resource Hash
0e395d8f6205b2258a9b92b7fca7dfe0fb1af585dc68ac698bfbf259eb7b3d3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://forum.killerfrogs.com
date
Sat, 19 Nov 2022 14:39:24 GMT
access-control-allow-credentials
true
content-length
17885
vary
Origin
content-type
application/json
async_usersync
ib.adnxs.com/ Frame EEE3 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 14:39:24 GMT
AN-X-Request-Uuid
1f84b2f4-4d4a-49e0-8f63-a9671ace5e65
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.38; 81.95.5.38; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-123718506-11&cid=1373169964.1668868758&jid=1640946213&gjid=1680572233&_gid=1408374931.1668868758&_u=aEDAAUABAAAAACAAI~&z=402871868
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.killerfrogs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 19 Nov 2022 14:39:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.killerfrogs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-123718506-11&cid=1373169964.1668868758&jid=1640946213&_u=aEDAAUABAAAAACAAI~&z=1577215044
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-123718506-11&cid=1373169964.1668868758&jid=1640946213&_u=aEDAAUABAAAAACAAI~&z=1577215044
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FB37 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F9db56c19-4744-4b76-a4d4-21e5bdcd926d%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Vq92b986n8w
static.instiengage.com/content_images/unsplash/ Frame DE54 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/Vq92b986n8w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9a00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb3b4a8e7498f0cc8de953fb450b0f48e7e526e98a05f7989a4e50d893faa619

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
7P1t6V3kkP7U_iKfzG0zSRuhStJHVKCD
date
Sat, 19 Nov 2022 14:39:26 GMT
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
last-modified
Mon, 29 Aug 2022 17:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"e4c3fe6503e3646a210eaeeeae677267"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
36820
x-amz-cf-id
bCxtq0xO8cnEDQfqRdCx2UvHyEbOVisMVNxxRGsxhxtfzLzVMrWl6Q==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931236&asId=b670ffae-ce0d-23cf-b229-62be520e0db5&tv=%7Bc:uqmDCA,pingTime:5,time:5096,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:81%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5096,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:81,wc:0.0.1600.1200,ac:436.1110.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5025~100%5D,as:%5B5025~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:121,fm:tnDZf4x+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18%7C191%7C192%7C1a*.931236%7C1b%7C1c%7C1d,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:82,sis:146%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:dbf8:cb33:6058:925d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.killerfrogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:25 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 8BE4 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2773069&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0edd107a7d16dfb7d775bf53b032d2fc2d56608a5bb83a13a3221ff371015e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 19 Nov 2022 14:39:25 GMT
content-length
1092
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame D68C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:33C3A85ED9DD44C0ADCBF5960E8FE321&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:33C3A85ED9DD44C0ADCBF5960E8FE321&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 19 Nov 2022 14:39:25 GMT
expires
Fri, 18 Nov 2022 14:39:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:33C3A85ED9DD44C0ADCBF5960E8FE321&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Artemis
aud.pubmatic.com/AdServer/ Frame 8BE4
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A546330C-3216-4850-BC79-A83D4A431B66&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A546330C-3216-4850-BC79-A83D4A431B66&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date
Sat, 19 Nov 2022 14:39:25 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A546330C-3216-4850-BC79-A83D4A431B66&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 8BE4
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A546330C-3216-4850-BC79-A83D4A431B66&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A546330C-3216-4850-BC79-A83D4A431B66&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A546330C-3216-4850-BC79-A83D4A431B66&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:35 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:35 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A546330C-3216-4850-BC79-A83D4A431B66&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 8BE4 		95 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=A546330C-3216-4850-BC79-A83D4A431B66
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
76c9b1f9ea545b62-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 8BE4
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A546330C-3216-4850-BC79-A83D4A431B66
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
18.210.87.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-87-63.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 14:39:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 19 Nov 2022 14:39:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8BE4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0ac84c21-639b-4b10-8325-b0d1c708660d&gdpr=0&gdpr_consent=
1 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0ac84c21-639b-4b10-8325-b0d1c708660d&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Nov 2022 14:39:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0ac84c21-639b-4b10-8325-b0d1c708660d&gdpr=0&gdpr_consent=
Date
Sat, 19 Nov 2022 14:39:26 GMT
Connection
keep-alive
X-CI-RTID
654bcb0f-0f6c-4f53-aa4a-f08660934df0
Content-Length
205
Content-Type
text/html; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 406A 		289 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7110624&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
118cff2940324555def2fd36bb5a428afed29649fd02c69debe768ee762d6fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 19 Nov 2022 14:39:26 GMT
content-length
289
content-type
text/html; charset=UTF-8
ids
idsync.frontend.weborama.fr/ Frame 406A
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3803717078
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A546330C-3216-4850-BC79-A83D4A431B66
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A546330C-3216-4850-BC79-A83D4A431B66
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:26 GMT
via
1.1 google
last-modified
Sat, 19 Nov 2022 14:39:26 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A546330C-3216-4850-BC79-A83D4A431B66
date
Sat, 19 Nov 2022 14:39:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame 406A 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 14:39:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.53
content-length
49
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 8BE4 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 14:39:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.betrad.com
URL
http://c.betrad.com/surly.js?;ad_wxh=728x90;coid=1976;nid=10657;
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&r=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist

Verdicts & Comments Add Verdict or Comment

240 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| XF object| Insticator function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| convert_to_time function| do_cd number| countdown number| hh number| mmt number| mm number| ss number| dd number| infolinks_pid number| infolinks_wsid boolean| IL_INIT object| $iceboot object| INFOLINKS function| $ function| jQuery object| Mustache function| autosize function| admiral object| googletag function| _defineProperty function| _typeof object| didna object| DIDNA_CONFIG function| 4dm1r11545242527 function| a0_0x1348 function| a0_0x5ade object| pbjs object| grumi object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| headertag object| ggeac object| google_js_reporting_queue object| owpbjsChunk object| owpbjs object| PWT string| partnerName string| key number| $iceId object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| $jscomp function| $jscomp$lookupPolyfilledValue object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant object| InsticatorXmess undefined| google_measure_js_timing object| __connect object| instBidChunk object| hindsight boolean| hindsight_loaded object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| slotElement object| bubble object| skins function| ILVideo function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_6 function| sync16589_ua function| sync16589_4 function| sync16589_8 function| sync16589_va function| sync16589_7 function| sync16589_5 function| sync16589_3 function| sync16589_wa function| sync16589_9 function| sync16589_xa function| sync16589_ya function| sync16589_$ function| sync16589_za function| sync16589_Aa function| sync16589_Ba function| sync16589_Ca object| lotame_sync_16589 function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 object| regeneratorRuntime object| ox_esp object| signal_decrypted function| __esp_getUID2Async object| __uid2 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| yl_logger number| lnt_z object| GoogleGcLKhOms object| google_image_requests

156 Cookies

Domain/Path Name / Value
forum.killerfrogs.com/ Name: xf_csrf
Value: mAp5UbCJh5Kxdelb
.killerfrogs.com/ Name: _ga
Value: GA1.2.1373169964.1668868758
.killerfrogs.com/ Name: _gid
Value: GA1.2.1408374931.1668868758
.killerfrogs.com/ Name: _gat_gtag_UA_11178537_1
Value: 1
forum.killerfrogs.com/ Name: logglytrackingsession
Value: 02a9fa8b-738a-4f8b-b8f2-753406ae545c
.infolinks.com/ Name: cuid
Value: 3c3bf43e-8b06-4863-b480-ae03b21d0779
.killerfrogs.com/ Name: InstiSession
Value: eyJpZCI6IjU5MzcwYmMwLWEwYWUtNDkxMy1hNDgzLWVmNjYyMTE3ZTY4ZiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.forum.killerfrogs.com/ Name: _awl
Value: 3.1668868758.0.5-485ee3746957ca953870dc366c7553ad-6763652d6575726f70652d7765737431-0
.adnxs.com/ Name: icu
Value: ChgIpOxLEAoYASABKAEwltXjmwY4AUABSAEQltXjmwYYAA..
forum.killerfrogs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.killerfrogs.com/ Name: _pubcid
Value: 880fb91e-21c1-4e8f-af66-8dacd6080bf0
forum.killerfrogs.com/ Name: hb_insticator_uid
Value: 9db56c19-4744-4b76-a4d4-21e5bdcd926d
.rubiconproject.com/ Name: khaos
Value: LAO1DB6O-1L-EF9Z
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoV7ZYvVJrKc14C1LCtWBX9mfsNIvv6Qtp0kTU4st2Mufa/dlbfKVXbkriCgAdngCvdt8Ig0v6XPj79QniQXr/UnNTglat5Vb9t3L0jQtGnAA==
.adnxs.com/ Name: uuid2
Value: 1052156515884976696
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlP87AqGOszKmJNVTm8h7j3-iCHmf51pN31TlSyiQDMo7sYsnK63aSbQsanL5a3VZa-vIajS1hPOyNksLPPEPOmXlOOTPqsrP1c
forum.killerfrogs.com/ Name: visitorGeo
Value: DE
forum.killerfrogs.com/ Name: visitorCity
Value: Erlangen
forum.killerfrogs.com/ Name: visitorIP
Value: 81.95.5.38
.killerfrogs.com/ Name: lotame_domain_check
Value: killerfrogs.com
.go.sonobi.com/ Name: HAPLB3A
Value: s3519|Y3jqm
.criteo.com/ Name: uid
Value: 83816679-d840-44ee-9d5a-ef3f6cfbdd12
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.doubleclick.net/ Name: IDE
Value: AHWqTUmF96RWSv3CJTLHWpUar00IJSBjtaLkeWiobRMTrV_nmEux2DjBA4e9Duy_RBQ
.openx.net/ Name: i
Value: 0587ff99-c26c-4e8b-9fb4-3dfa6211404d|1668868759
.killerfrogs.com/ Name: __gads
Value: ID=82b8ce1dd093e46b:T=1668868758:S=ALNI_Mb4KlfOZxHHkm5oIZqkfr2YzSS0Zg
.killerfrogs.com/ Name: __gpi
Value: UID=00000b840e1dcc2a:T=1668868758:RT=1668868758:S=ALNI_MaTaypLWEmU7PFg4y_kuGSm8B6PCQ
.yieldlab.net/ Name: id
Value: 71cc8a8a-1741-44e8-bdb7-0307293e4a75
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=543676445F2AB4"
.doubleclick.net/ Name: DSID
Value: NO_DATA
.prebid.a-mo.net/ Name: __amc
Value: 2_1668868758_1668868760
.flashtalking.com/ Name: _D9J
Value: 1256054dd1fa4e77a4a98fb896457e51
.lijit.com/ Name: ljt_reader
Value: FrYPvGZH-ym0YxxUROWJeC84
.simpli.fi/ Name: suid
Value: 33C3A85ED9DD44C0ADCBF5960E8FE321
.yahoo.com/ Name: A3
Value: d=AQABBJjqeGMCEOu0AFTuYQyNYRGnBmHbNowFEgEBAQE8emOCYwAAAAAA_eMAAA&S=AQAAAoQYsV-IArgpe0Wcg8LI-X8
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A546330C-3216-4850-BC79-A83D4A431B66
.360yield.com/ Name: tuuid
Value: 554287d6-8ac5-435b-898e-e2e4e1638bbf
.360yield.com/ Name: tuuid_lu
Value: 1668868760
.blismedia.com/ Name: b
Value: 6378EA983E172B40CC1D3490BLIS
.ctnsnet.com/ Name: gid_CAESED75gNtO_ID1-_dMYeOiRjQ
Value: 1
.w55c.net/ Name: wfivefivec
Value: QjnGoXSM1OWp045
.w55c.net/ Name: matchgoogle
Value: 5
.bidswitch.net/ Name: c
Value: 1668868760
.bidswitch.net/ Name: tuuid_lu
Value: 1668868760
.bidswitch.net/ Name: tuuid
Value: f9f9fa38-119c-49e9-8f33-1f92795c8b6b
.awin1.com/ Name: awpv11354
Value: 412871|1668868761|f44a25f0-6817-11ed-9792-223985e9a9b7
.awin1.com/ Name: awpv20044
Value: 412871|1668868761|f4521531-6817-11ed-adce-2234a4c513ba
.awin1.com/ Name: awpv11938
Value: 412871|1668868761|f4596833-6817-11ed-9f2f-2266c0ccb091
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjY4ODY4NzYxdmxlYTFkZTIwMjIxMTE5MTUzOTIxNzg2OTA4NzgwNzVYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022111915392178690878075X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1668868761_f4596833-6817-11ed-9f2f-2266c0ccb091%22%2C%22sp%22%3A%22awin%22%7D
.zenaps.com/ Name: awpv11354
Value: 412871|1668868761|f44a25f0-6817-11ed-9792-223985e9a9b7
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjY4ODY4NzYxdmxlYTFkZTIwMjIxMTE5MTUzOTIxNzg2OTA4NzgwNzdYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022111915392178690878077X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjY4ODY4NzYxdmxlYTFkZTIwMjIxMTE5MTUzOTIxNzg2OTA4NzgwNzdYMTE3NzAzVjEyMjYxMzI3MDJNU
pool.admedo.com/ Name: tuuid
Value: 58b97118-599e-4bea-9699-2760a6c78b2a
pool.admedo.com/ Name: c
Value: 1668868761
pool.admedo.com/ Name: tuuid_lu
Value: 1668868761
www.conrad.de/ Name: HTLP_timestamp
Value: 1668868761
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: Lop7wfmszi8jihUOMr1xTggel5Wc7wsCobJIvtfY_Zs-1668868761-0-AdxDQNiobYF0vMKZT0ESsWK5elCCIshXTR31LcqjIxfmoLcYIJg5agIO6i8jj5xaw/Cag9of5gmkw9c1QbaJLHU=
.tapad.com/ Name: TapAd_TS
Value: 1668868761442
.tapad.com/ Name: TapAd_DID
Value: 5eb1dee7-5f20-4011-b5b7-4d31a0cd5aaf
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.servenobid.com/ Name: pid_312
Value: 1052156515884976696
.casalemedia.com/ Name: CMID
Value: Y3jqmXWi6NIqbBBRN6Ty8gAA
.casalemedia.com/ Name: CMPS
Value: 1109
.casalemedia.com/ Name: CMPRO
Value: 1109
forum.killerfrogs.com/ Name: _lr_retry_request
Value: true
forum.killerfrogs.com/ Name: _lr_env_src_ats
Value: false
.killerfrogs.com/ Name: cto_bundle
Value: f7XZuF94UmpSMVFBbE5Gd21PaG1KM080JTJGM1Y4Sjc1aVNWc0ZleWFHSDNaU0dva0RHRFp4cER1SHpBc0RoY0lnRjdpdHcxVWJFVHlOVHRWRWtZdGNuNlZIRHZvS0d3MUFrUFhkV213JTJCS0pmbUNlVU9JVlBNcjAyJTJCJTJGbjBGUHdFMjU4ako4Z0pxUnFzUHd2alNpOHp4eThTMUZJUSUzRCUzRA
.killerfrogs.com/ Name: cto_bidid
Value: H3QWGV94Qng5VUJKZUZCUG8zT1VEbVZMTHZDeFhhandxMHdYNUN3QVpTaTNjajZNJTJCVlRsa3YwRUZqRiUyQjh0SW5ldE0ycXYxalVUTCUyRnFBN2Y4MHJpM25Ya2pldG5ENU5oWWZUZU0lMkZmS2EyRk5vJTJGR1RKTXZ2RExZZE5aZ0g5aUR1a0RlJTJCSg
.brand-display.com/ Name: _knxq_
Value: 8e91b1c7-9317-180b-82bb3403.1668868762.0.1668868762.1668868762
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECqpIReggPgQlL2pVMb9eiY&KRTB&16514-CAESECqpIReggPgQlL2pVMb9eiY&KRTB&23025-CAESECqpIReggPgQlL2pVMb9eiY&KRTB&23386-CAESECqpIReggPgQlL2pVMb9eiY
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
forum.killerfrogs.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-19T14%3A39%3A22%22%7D
.technoratimedia.com/ Name: tads_ipv6
Value: 2a01:4a0:2b::4
.w55c.net/ Name: matchpubmatic
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~28dq:18z8~28dq"
.ctnsnet.com/ Name: cid
Value: 983e892cdd034bd18e1ee269599bec63
.quantserve.com/ Name: d
Value: EKkBCwHOJ_ijAA
.quantserve.com/ Name: mc
Value: 6378ea9a-afef5-6a59d-b9da5
ads.playground.xyz/ Name: connect.sid
Value: s%3A-wd-H1PAdnz60PVt5BIa-_aBVrf2LrUO.ctPB7jpi05MZ5JiU7RxnRzrAJFzMnBUHv3%2BtXTe3Dnw
.adfarm1.adition.com/ Name: UserID1
Value: 7167736754130253974
ex.ingage.tech/ Name: instUid
Value: 9db56c19-4744-4b76-a4d4-21e5bdcd926d
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD&KRTB&19420-kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD&KRTB&22979-kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD&KRTB&23403-kYaYNMLUlm2K1MlpwYCCOsaAlmiK15ZoxoBeBDJD
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-655470ef-f274-4586-b1d3-efae73e43677-003%22%2C%22zdxidn%22%3A%222069.50%22%2C%22nxtrdr%22%3Afalse%7D
.de17a.com/ Name: guid
Value: 1.1271606574105065392
.adsby.bidtheatre.com/ Name: __kuid
Value: 1ebdc6e8-b3e5-4608-8c90-56d06b958a56.438082762
.onaudience.com/ Name: cookie
Value: 95ae25b50b1cc360
.onaudience.com/ Name: done_redirects161
Value: 1
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1271606574105065392
.adform.net/ Name: uid
Value: 3973753479677356042
.turn.com/ Name: uid
Value: 3701077014634676759
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3jqmgAJOiEFcQA7
.onaudience.com/ Name: done_redirects104
Value: 1
.bidr.io/ Name: bito
Value: AAEV007G8dUAACCteqLVDg
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMTS
Value: 2125
.scoota.co/ Name: tuuid
Value: 35d28012-38f3-4aa7-a9f0-037c929d7131
.scoota.co/ Name: c
Value: 1668868762
.scoota.co/ Name: tuuid_lu
Value: 1668868762
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3701077014634676759&KRTB&23150-3701077014634676759
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7167736754130253974&KRTB&23369-7167736754130253974
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3973753479677356042&KRTB&23263-3973753479677356042
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1052156515884976696&KRTB&23339-1052156515884976696
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:QjnGoXSM1OWp045&KRTB&23421-uid:QjnGoXSM1OWp045&KRTB&23429-uid:QjnGoXSM1OWp045
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y3jqmgAJTN8wLgAO&KRTB&22978-Y3jqmgAJTN8wLgAO&KRTB&23194-Y3jqmgAJTN8wLgAO&KRTB&23209-Y3jqmgAJTN8wLgAO
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f9f9fa38-119c-49e9-8f33-1f92795c8b6b
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: b6437220-4223-3457-896a-4562727c7dbb
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 23203a1f-f110-5243-aa60-5782c918bd18
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: Y3jqmwACeNAXjdz9Ul9p-cTfTOKo4U0ZA540dQ==
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f0537a92-924f-47b1-4b6c-61c52f8b4c75.N47LwUoly6r%2FAdgtHdh8fUeHqy%2BP10sRwc4V0Kx2AVA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A8FN6kpJPR7FLbGHFL4tMdVFfBSY.09vJJwTId%2BuZEdKUBXshteW0u29xY%2B441vDmUTQIISI
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-8FN6kpJPR7FLbGHFL4tMdVFfBSY&KRTB&23334-8FN6kpJPR7FLbGHFL4tMdVFfBSY&KRTB&23417-8FN6kpJPR7FLbGHFL4tMdVFfBSY&KRTB&23426-8FN6kpJPR7FLbGHFL4tMdVFfBSY
.tribalfusion.com/ Name: ANON_ID
Value: alntmItZdPufm7SpBnA8oDLWNUWLfZcrL0mJEFjd1HrE2ZcamsWfG8bqgnRVjoimE80oQsrvZc5E3PTYCdWZa7XCFY6C6
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&7f4e6675-95ad-4183-8c9d-58a4c62e4763"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njg4Njg3NjM7MjswMjEBcgD0HODVOqTgonFoBGP9c75bsIYbYr+hT5HN0repNg==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2823:u=1:x=1:i=1668868763:t=1668955163:v=2:sig=AQHBZDc1q22E7S23Cyw0vmVe6EP_tLnH"
.amazon-adsystem.com/ Name: ad-id
Value: AwExTtVomU7qnYp_Vk3ibs8
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:76556378-ea9b-4200-a08d-76085ccc2d72&KRTB&16736-uid:76556378-ea9b-4200-a08d-76085ccc2d72&KRTB&23019-uid:76556378-ea9b-4200-a08d-76085ccc2d72&KRTB&23208-uid:76556378-ea9b-4200-a08d-76085ccc2d72
.mathtag.com/ Name: uuid
Value: 068b6378-ea9b-4300-89c0-73b499017194
.killerfrogs.com/ Name: _gat_Insticator_Embed_v4
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1668868763
.pubmatic.com/ Name: SyncRTB3
Value: 1669420800%3A223_2_15%7C1669680000%3A63%7C1670112000%3A35%7C1671408000%3A203%7C1674000000%3A69%7C1670025600%3A166_22_99_13_8_176_3_243_165_238_55_204_81_71_7_56_5_88_161_234_251_104_214_21_54_233_220
.fiftyt.com/ Name: fifid
Value: b97dbd23-de6b-4467-6fd1-786ce7b054a2
.fiftyt.com/ Name: cs
Value: MTY2ODg2ODc2NXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fEHAc1QvXasaq8kV5NbOGFRw8tubAKY_g2NVCagbrxS8
.zeotap.com/ Name: zc
Value: fdf86923-2885-44f3-7b62-68b817b39781
.fiftyt.com/ Name: fppm
Value: 20221119143925
.semasio.net/ Name: SEUNCY
Value: DD2E8596ECCBAB7D
.ipredictive.com/ Name: cu
Value: 0ac84c21-639b-4b10-8325-b0d1c708660d|1668868766049
.audrte.com/ Name: arcki2
Value: bm5GV9RtoBTSSKbb6qkAzJnLw!20220908!1668868766049!ip#81.95.5.38
.audrte.com/ Name: arcki2_pubmatic
Value: A546330C-3216-4850-BC79-A83D4A431B66!20220908!1668868766053
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-0ac84c21-639b-4b10-8325-b0d1c708660d&KRTB&23011-0ac84c21-639b-4b10-8325-b0d1c708660d&KRTB&23355-0ac84c21-639b-4b10-8325-b0d1c708660d
.pubmatic.com/ Name: PugT
Value: 1668868764
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: pi
Value: 157898:4
.pubmatic.com/ Name: DPSync3
Value: 1668902400%3A174%7C1670025600%3A197_226_227_235_201_245_219_221_241
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1668890366310
.weborama.fr/ Name: AFFICHE_W
Value: bwpCX0x0JVZv30

14 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://static.solutionshindsight.net/assets/Zm9ydW0ua2lsbGVyZnJvZ3MuY29t
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: about:blank
Message:
Mixed Content: The page at 'https://forum.killerfrogs.com/index.php?forums/-/list' was loaded over HTTPS, but requested an insecure script 'http://c.betrad.com/surly.js?;ad_wxh=728x90;coid=1976;nid=10657;'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://forum.killerfrogs.com/index.php?forums/-/list
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://forum.killerfrogs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ups.analytics.yahoo.com/ups/58596/fed?1p=0&he=&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58596
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95ae25b50b1cc360/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRVgnXVhVahbjjYUa
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://forum.killerfrogs.com/index.php?forums/-/list
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&r=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist' from origin 'https://forum.killerfrogs.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist&r=http%3A%2F%2Fforum.killerfrogs.com%2Findex.php%3Fforums%2F-%2Flist
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A546330C-3216-4850-BC79-A83D4A431B66&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a96a8120a9ce8d2357fea80ddd9a943.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
api.webgains.io
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
aud.pubmatic.com
auth.instiengage.com
banner.congstar.de
bcp.crwdcntrl.net
btlr.sharethrough.com
c.betrad.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.adnxs-simple.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.flashtalking.com
cdn.id5-sync.com
cdn.indexww.com
cdn.track.production.webgains.team
cdn1.opstag.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.instiengage.com
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d37a9dee6f43e6019b7ece3511a08c32.safeframe.googlesyndication.com
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
d9.flashtalking.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
eus.rubiconproject.com
event.insticator.com
ex.ingage.tech
fastlane.rubiconproject.com
fid.agkn.com
forum.killerfrogs.com
g2.gumgum.com
gcm.ctnsnet.com
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
gw.geoedge.be
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.sharedid.org
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
insticator-d.openx.net
insticator.technoratimedia.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
js-sec.indexww.com
lax1-ib.adnxs-simple.com
lexicon.33across.com
loada.exelator.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-geo.s-onetag.com
onetag-sys.com
os4m-d.openx.net
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prod-rtb.ad4mat.net
prod.uidapi.com
product.instiengage.com
protected-by.clarium.io
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
readymoon.com
resources.infolinks.com
router.infolinks.com
rt3061.infolinks.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
static.instiengage.com
static.solutionshindsight.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
tag.1rx.io
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
tr.blismedia.com
track.webgains.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.zenaps.com
x.bidswitch.net
api.rlcdn.com
c.betrad.com
cm-supply-web.gammaplatform.com
fid.agkn.com
103.229.206.240
104.111.218.105
104.18.33.19
104.18.36.94
104.254.151.69
129.158.42.199
13.224.189.102
13.224.189.85
13.224.189.97
13.225.78.128
13.225.78.19
13.225.78.64
13.225.78.71
13.48.37.161
141.94.170.64
141.94.171.214
141.95.171.140
141.95.98.65
142.250.181.226
142.250.185.198
142.250.185.226
143.204.215.72
147.75.85.234
148.251.139.77
15.197.193.217
151.101.130.49
151.101.193.108
162.254.117.67
172.64.151.162
172.64.154.237
172.66.41.9
178.250.0.157
178.250.0.163
178.62.202.251
18.133.151.109
18.156.0.31
18.159.93.136
18.195.196.208
18.198.126.47
18.210.87.63
184.24.4.64
185.64.189.112
185.64.189.229
185.64.190.78
185.64.190.80
185.80.39.216
185.89.210.153
185.89.210.46
188.42.189.231
192.96.203.13
195.5.165.20
198.47.127.18
198.47.127.20
2.18.232.99
2001:678:cb4:bbbb::11
213.155.156.165
213.19.147.43
213.19.147.44
216.52.2.39
23.203.81.208
23.205.235.133
23.35.236.188
23.35.236.201
2600:1901:0:328a::1
2600:1901:0:76b9::
2600:1901:0:8344::
2600:1f18:1aca:4281:dbf8:cb33:6058:925d
2600:9000:206f:5800:4:b37b:9440:93a1
2600:9000:21f3:7800:1c:386f:ec80:21
2600:9000:21f3:800:10:3422:3f00:21
2600:9000:21f3:9a00:17:5bae:c7c0:93a1
2600:9000:21f3:a600:9:78a:e540:93a1
2600:9000:223f:1600:8:48e:53c0:93a1
2600:9000:223f:7200:1b:5138:8a40:93a1
2602:803:c003:200::31
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:3456
2606:4700:10::ac43:2954
2606:4700:10::ac43:db6
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6812:106b
2606:4700::6812:19ad
2606:4700::6812:7e05
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:806::2010
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9a
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:d::1732:83c8
2a02:fa8:8806:20::2040
2a02:fa8:8806:20::2100
2a05:d018:d29:3605:9b7c:1499:54cd:6891
2a06:98c1:3121::3
3.11.155.214
3.134.15.126
34.102.146.192
34.102.253.54
34.111.129.221
34.111.131.239
34.111.151.213
34.120.107.143
34.120.133.55
34.149.12.213
34.149.20.76
34.193.228.225
34.199.177.9
34.201.233.242
34.209.30.241
34.231.111.174
34.253.143.131
34.96.105.8
34.96.70.87
34.98.64.218
35.175.58.71
35.186.193.173
35.190.39.111
35.201.96.126
35.204.74.118
35.210.53.219
35.214.223.115
35.227.248.159
37.157.2.238
37.157.6.247
46.4.62.19
46.51.193.50
5.161.54.172
51.89.9.252
52.28.203.152
52.46.151.131
52.48.190.42
52.49.181.242
52.94.223.37
54.156.81.40
54.237.254.37
54.247.151.106
54.75.190.240
54.75.59.39
54.78.104.30
54.93.177.145
66.155.71.149
67.202.105.23
69.173.144.138
69.173.144.165
72.251.245.179
72.34.250.78
77.243.60.138
78.46.85.162
8.43.72.98
84.200.5.215
85.114.159.118
96.16.141.156
99.81.44.108
99.86.4.53
014b0fae1e562640128e80bd57234b73982dbc0a1b0ddb93af3c159b242a1162
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03bc2a25018911215c51dc3e6b65c2814ddd60f28ef18c6e394347173983ba4c
03e82ecf3ce3e6fc338787bad303de972c6fdf9816274e02fb4a3e5074103a34
04a7d9efce5d983c3826bb9c642bdbd8da079284a815f7028b38b901de6f1e44
07e2e27b4fcc1dbc4820079e3ff4d1a77631f7cef71d2f9a8b709f0268c05c55
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09269f843abd919aaa48f9e28317653b8bcf16101e44d39ae4a2df3d5f277ba5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be42d68cd1377aba7b8f73b328c06a52c3cecdc188ad519081fbac469a17f36
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c321f83250ab6a8b45bb8a8aa69a6b11a950231a89bf5e23ce2444cd9d4872c
0d92710a0eccd2bb3c797a168c3f9481d189508d6c4e8f6f7f793216079a9692
0e395d8f6205b2258a9b92b7fca7dfe0fb1af585dc68ac698bfbf259eb7b3d3a
0edd107a7d16dfb7d775bf53b032d2fc2d56608a5bb83a13a3221ff371015e3d
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
118cff2940324555def2fd36bb5a428afed29649fd02c69debe768ee762d6fdd
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1884d6f4fe839f1a3042d56301cc2e3d574e86b23c9495c74a4ff656c57c1c94
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1c133c3e12f2893f61a9d21579f4251eda485ed55b8eda7ea641b7bad75441b1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d22b0a9a170713d6a07911954ec512379461b9b8ca2ea20d7790509e6eb70d0
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e237501ee3a5b510688d5ded6409d49f123a978f89e71f81b117508f5e73fef
1e4a2867141599bdbc4bc65513cba3f7bb8578300682e63d5d39e6324454cbc8
1e5312ba169a8b2f3900496eb27f99c50f2897ad3892009a5f71c15f055eb7f4
1f9fe27de2c4c607356b88ca2178495fe3542d66320951c5e18f38ac2231d1f0
1fc5ccd0c7ae2df02b1908c49930405beb859f24ddce2a2e48491d1aada4f6ad
216ba835e231434cd3c2ce6e760ded2025d6e4f56cc58facbff381b0b2a87fd1
233b7171d71c482f12be2d6a2554f344b651cfb17c310609b8f56196ae7cc14a
238602289aec73870e9f290a983c0bee550a06b4393743983fa55cc9eb59f542
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
25bb81662ff4ff6098a4f65bf176da326622545cefa4357556a4ee4f7a2adbdf
26155f573fb7942a2f0dc177ed183337989c43ef1fa473eb08c15c77fd009981
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b2f2addeef3a1b86a3595d64d2a203fd308d77cd6fa3fc03094e4f67f7e2c5b
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2d718456f3de840af4136560c004b1aae0e6bca818ba1e8c0fa3bc39e971abae
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f942c9fa45691562cd4059c8d220e456ff103207239f804ac09834539387779
2fa78bb820716fdb7bdf5f6b37ad2c39e822003ab3085e51140f903c72cfff2c
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
30f006b8657047b3ac0f7d8a5a83bbc99b1bf30e7610ac994dd001b4aa514529
3119610b008741b308d19d7b32ee5a16be56f63be203bd0c0fc23b2ba54aa15a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
354551f6fb654f3f9276f834f95e8a20271596d12602ed2f52cfb1c841b5af4e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3812dd6deca67a129dafa4e92d5bf69c25098e312afddad2b98c07659dba01f8
383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863
38cc0b115fd247849629413fa7ec2aabfce5aa782a21d4a01c3f63b743fa05cf
39d10a61216e36c50a1e2b1336d8279f2d5538abcc4d3f90c398582266747cb5
3a5d0c1b41bfaf120c4ed4c48a4aa7c8135683f024116284ceba639ca8bacb64
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dedd702fcd70b0af3e17e0c285c746ce6beef04b0f4a510097f805423e19b33
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401fbcf15346b1bff67718a8507ca342c243783290c966a2abada5ce0d7f250a
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
41c17ece134a5fe799904749683926dd366ea41a6fb68f0116cf1898469c78d5
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
4261c8715d3ba6c0172dd85a427b2f7089c20556e6fa12d67af768d241a93aa1
4268acf7e9a9fc9bea7bc60fabaa54938b321a75b1a3c3f2bb547bd7bf02a48b
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47f1dcb2f22567d0a4fd4c76a4e3ae309494d2be497cb3e1967f57bf16e839ab
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a3fc475ed17dba17fb20c1c8718969bb637efd5c048ecaf8204a58f3c99f264
4bf2a73823b8dd96a39d1b2926e816d5ec549de425bd4bed227e599f78e8e0e7
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4e016a0537ef72711d185b445b334512a4b80e1159cfb5afa96c4d6f54e160ea
4e2980274725fbb36ec10223bbfc385ba73a99534e52578c158c99d45c9168bb
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512273ac7c62f63808631d34472c5a7fc4a46a8abc3c379893df549fb2f71915
51f5b3906370b5dedb245a52438cdd950bf41391ac49b83f52fa5557fc21db41
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5487b41975ef2b0e319780a153e92f1d3f40d087bcdf5696c847922ad2ee7241
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e908fa43e2d973afb2f53e86f1b6437def904b607852ff82ecbbb20910622d
5780b8290ffe7b80ce1a2eb58ea133e64f13631cd94fc85c1b25ed4b7cce09aa
595b21c38c4ce2dcb50207a5d19d282ed77fa145d27ae9add5219412321540ef
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5decba30e3e3b7a130b501ad76c1a59e534fc17c1e630ff6435f3dbf52a0a83c
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
5f185b04aa506b07f807526ef21e365dfa884cdd5faddd3e7c528ca8c418a719
605003d671a5403d42afc8072c70d1f159f6a9d10a929fbcef742537f3a70365
60c3b1bfc4f1d426e82117dfc692f4614a983e5e972a06cd1f88e4c881d690cc
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6619c3c9eaf6738dc2e1921e0682e82f4a5b0ac44a6b33d89812f576bc31ab41
66274949904b8e2375d746387aae4e4ce2838e50cfed6ed7bd2f2b63412f206c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667a2f03e63d6e41047b3bb7a02f2836b5e58a61175194f59d9846acaabbffc0
66ed1607765163ed7deef71e85e02dbfee8c9002fe111f635431619977819a9e
674e6e8837e6ef9e93327486a309849f38e9808c3cfad82bd69f561b50d675dc
682c17ef393208095aaf321e645e6668411c722888f5f388db921af742786520
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
6a87b588978127e2d64d83d8b49a4ac8e7cea813de00c1b0d67bc8cc7426387a
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6db8b9f89959acd9a74f56afa8f6163f9c17db764afec5e7a31851aee3eca61b
6dcce479953676a6c0b85afe21b8f95547df09ccffb11ea7de60dea771fc8662
6e0c13c5813bcd58a3e56ece922a8b91a3a581a9b712374265a2c7ed57090f8f
6e3a7e487470b3c231c6dc107f5cc32d0eb05f7ea3686e0aeadebcaee4323add
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7184ab41cf778b1cf21506d80700c19163c1515a4a909e269695bf42d61da3db
73e87dab02f32f782b57b23c32cc348e84b75574fbc195e0d3827c8ac148c11f
746df91de5585124592271389455a72a441f9a2d239287d0d36242a4a125e7e1
75f22f266a5856321de543db7991249d97d32458bdd83850edf10e7e8a6ee457
76177446afcef4a0079a7db071669802987c95c671b08e13a5f4278701763499
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1
767e95ecb9f691e4e923d3d6b3e2985a346ba7a265bc361e474bf7f429caf147
779492801aef3d3c171e9b2745cda7f70a96d7c786c5ffa423210921241d7b5d
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7900b61c654b5c5c8e2592fcc4738e256046cc53883a016fbe696c591dac5d9d
79a0638a1378cd7721218ba452ce84a70c6ee154ca84d149f22c4d3e1cc94f4b
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7c91a67b48e76a833624d635b558f1fdc64b7dbc45344eb74b604da9fea2c297
7d6af81e918869fe172f3d3afbcea492b2d4cdca0751fce087e6c8e39275aa14
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80ec12244ed94cb36ab7bc54c9fec4bd8658e7f7ad9b89fc552f091ae1f83735
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8312bb531a57040564f06037735d977e2dc97fe9eb874686f048f3177e44b8f2
832fe93dde194769de496738142175731f04bc66c4f34ac70da8a3816cd49da9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83374d5ade2bd5e6b772642cec167db82e43a1e8c9e1bac6e128e16a7888e6b2
848360150c7285fb18cb4639a4bb09a3664499b3076d27648f1fd1ff8a7f538f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
858364408782a9612aca179e63cfcda6c8c64bbbebc65ec7a1dba1823d7084cd
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa
895d1a04067a5eccf3bbcd609f1d3f365fd42d50ef11a6af31c62ff59af072dd
8996d92d2401a14479a96f65fd5cd24d63d074c31b77ab92ec111532cb2b5d01
8bf78100c295e6105e17629d8aab4b8e3d6efb5cb4bf8ff1901de76daefc7c0a
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3b7ea2ceacf1ff82916d2b3ef7c13cee44eb06d26d37f82fea5cb5d525172e
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
901fd337d561b57b2cdeeacc5a9746195e340472f79092b768ac03fe57a0dc10
9031d9d04ce40b4a28249df518d85f76fd15809258d29c87066af2eb1ebda831
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
93c08cb508aff440691928151ae62851ebca5132242207a02573f52cb1a5d92a
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
94490c6d1ebae67d5678066fbbae4bd58b48698ac541213e5a93a099c05146d3
94bd0279c5934f609dcc531053ddae0c550e4850e0165db396f09c63093eba7d
95a82e52ecb4f70efc18df7bbd7533ca9a583888ca6991a4d71770902fc3022a
9859a77d93d4521ab74fceaf7647b1445ecef03dec55f1c97a6e8cf2c3788187
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af4667afd084858ccdeaafa0ae1a9fd23c9f24e5b05b594a2da9829eec21064
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841
9e02f606f1a329fbb0ce608b5f6524a3b274236ca2bf93abbca1b6275fbed308
9ff6f194bff4cae461e00227dbd90b97f8f5f04a0da5d69726380f5cb29e745c
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f87c0fd26535bebb5c7f9da625c6007b3ddb3ff0fccbaca1c4aa9abcb98f25
a1fead34651bc8a4717c7c08a4b065a1e3ba0cc8c75b0ba6aed7c853b9c3009c
a319459f4c298b45dedf0952323a5b0cbe58949ebc244d70e7016a120a697e78
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a50fd2c2415334c1be42218fccd59b837de10ed8ba364199d2c0b0d4a4c65299
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a8484bd12a13d22a7fb31ad344400c4ee8c2b87b76974dbfd373c125ee72fc61
a9ad6ca41372903b3ca0f443069701e1330437f4f0b51bf8da70e5e6f68ca63b
aa6c408908fd20d1316cb0cf1c506c1bee9caad097acb95c7f6fd7058d95c77f
aaec07c3cbe4a6663ab8d556f29ded4110287f4c3dc1786b1da0b4daffa2f416
ab1027b6eef20273649d03b0a84855acbce9900ed24d904ccc0fdfc210c2d414
adc77dab95ccc11d4fa80196004e854ace6e2b01ca5d7bebe59b7d7c74ddd3eb
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b038ff02723328607a63eb6e07a0f7a9a0bd088cdfb85d111414309230ad56a6
b041a9ac06412fc2d3c5e5feac8d6b962d36c26cee9ec098a6260a5821b3c87d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b3e88dc0e7ff1d23f69c42e066a93173c8f3516697b83bbb0d5250556a9114a0
b4193d48a138a2b957393a46f06ef5f470bcb1713bbf83ae9a4ff4c9f8d5a68b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b595ba0d3b5e8a9aaaea5976b2c6fdee45b77a8bb70bb9c547bc20fbcae1a6df
b5f1839e925b6493f42107babea5d979596e28708987a643fa5ad9c05e966f0a
b8794fd6664c984c074ea7c0581e0b453ad7001bbf66e57628b4ab870861563e
b94aacc6d5f88fdff746212268ad84ffd6b7668791df92ad3e41d5422177681f
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfe3ecad86362036bfbf2e0d2bc27a6a593cb0fff32a97a5b1b5f81b409a3bb6
c0c144df45a4e104b43309679a945d091316be0fc17f6b62aadb2f8f03cd6585
c218a8d287503973864fdf4f8733856a3a561ab0902bd1fead6038183267533f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c3cf0d79899800f180a3de6c39e2cd010790ee75b6f5cab8b59f4d0df7087ea2
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c403d10a62ce99293b3bccf1dcfa57019b6a43ee6d2bb68e4ee2cef077b14dc7
c518b4ceda687289bdbcbd35f9d428d68f6afe37b6c7bcc6a684217b455c337b
c6f44e351f920e8a32a0f47f6f0b83e5daa4f79af853868bd75990e10b2617bc
c7ed7ef9182dc5206d1b7a8038bcfe2b57fc1be96d78b75152e9b713ca4ef2d6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca0d81bbd9e01fdf0d7138622f7135a11e6b13026fa40ddb9a5e77ec985625cc
cb3b4a8e7498f0cc8de953fb450b0f48e7e526e98a05f7989a4e50d893faa619
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d2add4645bed7a531b01c9340d90b8f517ea7af7c295684070df6b52b5382865
d334ba20c3c11b1b388185a002c614ab75e759accfb6763b50863aaf11ed960d
d43f9002c8e1a1f10ca2370f1b122c144f0cd2321683c17dd1d9da859f81b4c4
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942
d557de3f39744cf5f2dc1fd949f47e98362dfdb6bd43a8b691d5b61bfb63fd95
d5fbf068765661cdee7aa2e8bf732ba2dbae53d5e2b91b40a083777ba83a9ea0
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da4cf3ad6682c929bd1d6fb284ced78ae07df21491f03a6bef500b865ef83a45
dad600c56c76b4004428693b384340558c37efe7ebdbf9d4889b1f69be14071d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd692c1a3c4f7627b7afd2f900fb7be320d8d53a86e156eacf4fe5d38451af27
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8
e0b233549d2cccccb9b5609db2bdffaeb77491ed21b955781fe3e516676e2567
e1ba6f139d68e6c5f0e83a7b6c6eed9ebcb79d8856c5f7d6507fd58c176f1d78
e1e19a8e708dcbc47d0945c6967fd01890d6320db36395d9bda43e13617e03d4
e2b479f8a717ca160c505310fdc2478fe278a2dbf612d094c8c1460f9dcad79c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ee656557857ba544b334f741cd1cb7daa4eebd0669f8ae1260333a57db8f96
e45cadb74527369632fa8dcd138580b6583ea3eb0db9087c51b8df9f5eb60a18
e6a19f4b3af27d479651edd2a6e6ad6efedf3cfeeee7981101041bfb7537c0f5
e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069
e7092dcab076f8d23a8607eedf7992f483bccf0942b0cd33048b739c338127db
e908652583795c12e861464649916d74e5f2af1659eda734bbf56bcc7f4b6027
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc738a492ca6d27c302d798ceae5e43229d45ed350fe9bc6e52b3698dec8877
ed3f73792849426ea084f7f3ce7d6e1786a83740d9f03c497b6c2fb888afb277
ee8e7bb6c9ab7b3caf5c199cd272ee4243eb41d488e24066003ce6b1ee2744a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f157fd166368c456707fa1f2eef15c16f0a2fcd7d88201293ff1b48de657a9a7
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
f46541d17347ca4a1df35bf3db72de5eac74db10d5a87118c27fedeba6e79366
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9e9933728437ea3b4f2ff828eba920b342e6666d308f405d3205e1ce89e1709
fb2fc89fac84d39da888e00df34a4b8fed8538970d661448d83e4233579f934c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48