urlscan.io logo urlscan.io
SecurityTrails logo

nets4.com Open in urlscan Pro
2a06:98c1:3120::7  Public Scan

Go To Rescan Add Verdict Report
URL: https://nets4.com/domain/leutholdgroup.com
Submission: On March 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 7 countries across 58 domains to perform 394 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is nets4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.
This is the only time nets4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2a06:98c1:312... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 143.204.98.40 16509 (AMAZON-02)
1 14 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:27::... 8075 (MICROSOFT...)
5 20.62.48.180 8075 (MICROSOFT...)
26 3.94.45.13 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a04:4e42:200... 54113 (FASTLY)
2 2a04:4e42::649 54113 (FASTLY)
3 2a04:4e42:400... 54113 (FASTLY)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
25 142.250.181.226 15169 (GOOGLE)
44 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 85.14.248.91 24961 (MYLOC-AS ...)
8 2a00:1450:400... 15169 (GOOGLE)
1 217.79.188.60 24961 (MYLOC-AS ...)
2 217.79.188.54 24961 (MYLOC-AS ...)
1 37.157.3.29 198622 (ADFORM)
5 2a00:1450:400... 15169 (GOOGLE)
11 16 142.250.74.194 15169 (GOOGLE)
5 11 104.79.88.202 16625 (AKAMAI-AS)
4 7 37.252.172.249 29990 (ASN-APPNEX)
8 144.76.91.199 24940 (HETZNER-AS)
1 4 138.201.220.30 24940 (HETZNER-AS)
1 4 46.4.10.47 24940 (HETZNER-AS)
1 78.46.111.106 24940 (HETZNER-AS)
1 4 138.201.63.116 24940 (HETZNER-AS)
4 5 145.239.193.130 16276 (OVH)
3 88.198.250.30 24940 (HETZNER-AS)
8 8 104.92.94.3 16625 (AKAMAI-AS)
2 2 85.239.105.10 16097 (HLKOMM 04...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
6 46.236.13.147 12703 (PULSANT-AS)
2 4 216.58.212.134 15169 (GOOGLE)
2 2 94.23.99.218 16276 (OVH)
3 54.76.176.197 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 85.10.231.200 24940 (HETZNER-AS)
1 108.157.1.118 16509 (AMAZON-02)
3 151.139.128.11 20446 (STACKPATH...)
3 13.224.195.101 16509 (AMAZON-02)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.79.242.245 22822 (LLNW)
1 164.132.182.207 16276 (OVH)
1 85.114.131.233 24961 (MYLOC-AS ...)
1 54.81.170.138 14618 (AMAZON-AES)
2 2 213.155.156.180 1299 (TWELVE99 ...)
1 35.227.252.103 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 51.38.120.206 16276 (OVH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 52.223.40.198 16509 (AMAZON-02)
6 52.30.107.253 16509 (AMAZON-02)
4 4 84.200.5.215 31400 (ACCELERAT...)
1 88.99.63.132 24940 (HETZNER-AS)
1 78.46.85.162 24940 (HETZNER-AS)
2 141.95.99.211 16276 (OVH)
1 3 18.159.23.158 16509 (AMAZON-02)
6 6 18.185.147.206 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
2 3 213.19.147.45 3356 (LEVEL3)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 52.19.204.92 16509 (AMAZON-02)
1 35.158.47.202 16509 (AMAZON-02)
2 54.228.130.197 16509 (AMAZON-02)
394 71
36    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
nets4.com
img.nets4.com
s0.nets4.com
11    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    143.204.98.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-40.fra50.r.cloudfront.net
cdn.purpleads.io
14    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
2    2a00:1450:400e:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:1ec:27::cafe:1375 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
26    3.94.45.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-45-13.compute-1.amazonaws.com
api.purpleads.io
2    2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
3    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
a.tile.openstreetmap.org
2    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
b.tile.openstreetmap.org
3    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
c.tile.openstreetmap.org
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
25    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
44    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
8    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
15ed41447392c39526012ebb33067d08.safeframe.googlesyndication.com
023fc26b6b9537d4ef1bc238cfed3b19.safeframe.googlesyndication.com
f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
42    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
5    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    85.14.248.91 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
2    217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com
ad13.adfarm1.adition.com
1    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
track.seadform.net
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
11    104.79.88.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-202.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
7    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
8    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal9000.redintelligence.net
4    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal900016.redintelligence.net
4    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal90002.redintelligence.net
1    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
ad.ad-srv.net
4    138.201.63.116 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
ad4.ad-srv.net
5    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
3    88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
8    104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
2    85.239.105.10 (Leipzig, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
10    2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)
singles.parship.de
6    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
4    216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f6.1e100.net
5994599.fls.doubleclick.net
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
3    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    85.10.231.200 (Kassel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-200.clients.your-server.de
www.media01.eu
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
3    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
static2.creative-serving.com
3    13.224.195.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-101.fra2.r.cloudfront.net
analytics.webgains.io
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
14    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    178.79.242.245 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-245.fra.llnw.net
asset.conrad.com
1    164.132.182.207 (France)

ASN16276 (OVH, FR)
PTR: ip207.ip-164-132-182.eu
cdn.ad-sun.de
1    85.114.131.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de
cdn.contentspread.net
1    54.81.170.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-170-138.compute-1.amazonaws.com
sync.adaptv.advertising.com
2    213.155.156.180 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
6    52.30.107.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
api.webgains.io
4    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
2    141.95.99.211 (France)

ASN16276 (OVH, FR)
PTR: ns3213278.ip-141-95-99.eu
id5-sync.com
3    18.159.23.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-23-158.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
6    18.185.147.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-147-206.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    52.19.204.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-204-92.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    35.158.47.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-47-202.eu-central-1.compute.amazonaws.com
match.justpremium.com
2    54.228.130.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-130-197.eu-west-1.compute.amazonaws.com
eum-eu-west-1.instana.io
Apex Domain
Subdomains		 Transfer
91 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
15ed41447392c39526012ebb33067d08.safeframe.googlesyndication.com
023fc26b6b9537d4ef1bc238cfed3b19.safeframe.googlesyndication.com
f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
449 KB
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 71352
1021 KB
36 nets4.com
nets4.com
img.nets4.com
s0.nets4.com
375 KB
29 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 176762
api.purpleads.io — Cisco Umbrella Rank: 157725
43 KB
22 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
29 KB
16 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 28803
hal900016.redintelligence.net — Cisco Umbrella Rank: 160272
hal90002.redintelligence.net — Cisco Umbrella Rank: 204200
123 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2174
ad4m.at — Cisco Umbrella Rank: 1742
assets.ad4m.at — Cisco Umbrella Rank: 32740
275 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
10 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
271 KB
10 parship.de
singles.parship.de — Cisco Umbrella Rank: 370411
30 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 343
221 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
579 KB
9 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18655
api.webgains.io — Cisco Umbrella Rank: 47350
154 KB
8 openstreetmap.org
a.tile.openstreetmap.org — Cisco Umbrella Rank: 13366
b.tile.openstreetmap.org — Cisco Umbrella Rank: 13554
c.tile.openstreetmap.org — Cisco Umbrella Rank: 13588
45 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 916
e.clarity.ms — Cisco Umbrella Rank: 1869
c.clarity.ms — Cisco Umbrella Rank: 547
25 KB
7 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 39406
medialead.de — Cisco Umbrella Rank: 38865
4 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
7 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
4 KB
6 creative-serving.com
static2.creative-serving.com — Cisco Umbrella Rank: 63081
ads.creative-serving.com — Cisco Umbrella Rank: 3287
14 KB
6 webgains.com
track.webgains.com — Cisco Umbrella Rank: 35662
92 KB
6 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13937
4 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
2 KB
5 ad-srv.net
ad.ad-srv.net — Cisco Umbrella Rank: 33086
ad4.ad-srv.net — Cisco Umbrella Rank: 198396
7 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
4 KB
5 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1207
cloudflareinsights.com — Cisco Umbrella Rank: 1193
16 KB
4 instana.io
eum.instana.io — Cisco Umbrella Rank: 6447
eum-eu-west-1.instana.io — Cisco Umbrella Rank: 24770
19 KB
4 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 39676
www.media01.eu — Cisco Umbrella Rank: 240615
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
143 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1439
insight.adsrvr.org — Cisco Umbrella Rank: 567
match.adsrvr.org — Cisco Umbrella Rank: 293
3 KB
3 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 64653
24 KB
3 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 16139
ad13.adfarm1.adition.com — Cisco Umbrella Rank: 40145
11 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
734 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 488
2 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 46354
773 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 48610
576 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 797
486 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1359
us-u.openx.net — Cisco Umbrella Rank: 323
625 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4364
722 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 91678
static-de.ad4mat.net — Cisco Umbrella Rank: 128562
4 KB
2 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 18649
1 KB
2 greatviews.de
trf.greatviews.de — Cisco Umbrella Rank: 303635
2 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3666
34 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 justpremium.com
match.justpremium.com — Cisco Umbrella Rank: 2600
325 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 554
493 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
395 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 58770
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 51158
2 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
577 B
1 advertising.com
sync.adaptv.advertising.com — Cisco Umbrella Rank: 14326
14 B
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 45661
9 KB
1 ad-sun.de
cdn.ad-sun.de — Cisco Umbrella Rank: 312103
4 KB
1 conrad.com
asset.conrad.com — Cisco Umbrella Rank: 66381
24 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 55516
728 B
1 seadform.net
track.seadform.net — Cisco Umbrella Rank: 97249
304 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 12956
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
554 B
394 58
Domain Requested by
42 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
nets4.com
f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
cdn.ampproject.org
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
39 pagead2.googlesyndication.com securepubads.g.doubleclick.net
nets4.com
tpc.googlesyndication.com
f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
www.googletagservices.com
26 api.purpleads.io cdn.purpleads.io
22 img.nets4.com nets4.com
21 securepubads.g.doubleclick.net cdn.purpleads.io
securepubads.g.doubleclick.net
nets4.com
16 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
14 www.google.com 1 redirects nets4.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
11 cdnjs.cloudflare.com nets4.com
cdnjs.cloudflare.com
11 nets4.com nets4.com
10 singles.parship.de hal900016.redintelligence.net
hal90002.redintelligence.net
singles.parship.de
eum.instana.io
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 hal9000.redintelligence.net f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
hal900016.redintelligence.net
hal90002.redintelligence.net
8 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
7 googleads.g.doubleclick.net f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
nets4.com
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
6 x.bidswitch.net 6 redirects
6 assets.ad4m.at as.ad4m.at
6 api.webgains.io analytics.webgains.io
6 track.webgains.com nets4.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
as.ad4m.at
6 www.awin1.com 6 redirects
6 adservice.google.de securepubads.g.doubleclick.net
5 pv.medialead.de 4 redirects ad4.ad-srv.net
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com securepubads.g.doubleclick.net
cdn.purpleads.io
hal900016.redintelligence.net
hal90002.redintelligence.net
5 www.gstatic.com www.google.com
5 e.clarity.ms www.clarity.ms
e.clarity.ms
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 5994599.fls.doubleclick.net 2 redirects nets4.com
4 ad4.ad-srv.net 1 redirects 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
ad4.ad-srv.net
4 hal90002.redintelligence.net 1 redirects 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
hal90002.redintelligence.net
4 hal900016.redintelligence.net 1 redirects f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
hal900016.redintelligence.net
4 www.googletagservices.com f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
3 ads.creative-serving.com 1 redirects
3 analytics.webgains.io track.webgains.com
3 static2.creative-serving.com ad4.ad-srv.net
static2.creative-serving.com
3 ad-server.eu f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
ad4.ad-srv.net
3 pb.media01.eu hal900016.redintelligence.net
hal90002.redintelligence.net
pv.medialead.de
3 c.tile.openstreetmap.org
3 a.tile.openstreetmap.org
3 static.cloudflareinsights.com nets4.com
singles.parship.de
3 cdn.purpleads.io nets4.com
3 s0.nets4.com nets4.com
2 eum-eu-west-1.instana.io eum.instana.io
2 dpm.demdex.net 1 redirects
2 sync.1rx.io 2 redirects
2 id5-sync.com static2.creative-serving.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 eum.instana.io singles.parship.de
2 onetag-sys.com 1 redirects
2 d5p.de17a.com 2 redirects
2 www.zenaps.com 2 redirects
2 medialead.de 2 redirects
2 trf.greatviews.de 2 redirects
2 e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ad13.adfarm1.adition.com 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
ad13.adfarm1.adition.com
2 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cloudflareinsights.com static.cloudflareinsights.com
2 c.clarity.ms 1 redirects
2 b.tile.openstreetmap.org
2 static.addtoany.com nets4.com
2 www.google-analytics.com nets4.com
www.google-analytics.com
1 match.justpremium.com
1 simage2.pubmatic.com
1 sync.targeting.unrulymedia.com
1 us-u.openx.net
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 match.adsrvr.org js.adsrvr.org
1 insight.adsrvr.org 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 s0.2mdn.net e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
1 rtb.openx.net e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
1 sync.adaptv.advertising.com e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
1 cdn.contentspread.net ad4.ad-srv.net
1 cdn.ad-sun.de ad4.ad-srv.net
1 asset.conrad.com ad4.ad-srv.net
1 prod-rtb.ad4mat.net nets4.com
1 js.adsrvr.org ad4.ad-srv.net
1 www.media01.eu ad4.ad-srv.net
1 www.conrad.de ad4.ad-srv.net
1 ad.ad-srv.net nets4.com
1 track.seadform.net nets4.com
1 imagesrv.adition.com 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
1 m.exactag.com nets4.com
1 023fc26b6b9537d4ef1bc238cfed3b19.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 15ed41447392c39526012ebb33067d08.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.bing.com 1 redirects
1 www.clarity.ms nets4.com
394 93

This site contains links to these domains. Also see Links.

Domain
blog.nets4.com
link.nets4.com
leutholdgroup.com
leafletjs.com
www.openstreetmap.org
www.addtoany.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-29 -
2022-04-28		 a year crt.sh
*.purpleads.io
Amazon		 2021-12-01 -
2022-12-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.tile.openstreetmap.org
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2020-01-22 -
2022-04-21		 2 years crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2021-04-15 -
2022-05-17		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2021-05-21 -
2022-06-22		 a year crt.sh
*.seadform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-11-04		 a year crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
ad-srv.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
singles.parship.de
Cloudflare Inc ECC CA-3		 2021-06-29 -
2022-06-28		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.conrad.de
Cloudflare Inc ECC CA-3		 2021-05-17 -
2022-05-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
static2.creative-serving.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-10 -
2022-09-10		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-02-19 -
2022-05-20		 3 months crt.sh
pv.medialead.de
R3		 2022-02-20 -
2022-05-21		 3 months crt.sh
contentspread.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ad-server.eu
R3		 2022-02-13 -
2022-05-14		 3 months crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-12-10		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
tracking.justpremium.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh

This page contains 57 frames:

Primary Page: https://nets4.com/domain/leutholdgroup.com
Frame ID: 1C0805DE26A7121086B4802BC6E31CCD
Requests: 86 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 00B4EBEFF6F52BBE8E2A922783EF30A9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=7uoh12355bsa
Frame ID: A64AF6834E75DA9AD65918DFBD830C10
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BC4AA7C20022CD1EC5FBAC88E646E311
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C322641A5C961A8F0548B32BDD26C919
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D4CD6B0FEEB11718E168B573A382BF67
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: FDA74F7FBB57B026DD4BFA6EE9FE435E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 290E94CBB3E3D7BD99D1A20EC241EFDC
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Frame ID: 683707758C7682EDF9FE3EACDB228A34
Requests: 3 HTTP requests in this frame

Frame: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 74D5E507FC91B1499E4491BE5BEE09EB
Requests: 1 HTTP requests in this frame

Frame: https://15ed41447392c39526012ebb33067d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 000825E75EE8CDFFC044FBC23467BE2D
Requests: 1 HTTP requests in this frame

Frame: https://023fc26b6b9537d4ef1bc238cfed3b19.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 93529E530724FC5CB9E0D0B05DC14A25
Requests: 1 HTTP requests in this frame

Frame: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 879B682A29F6C7C290236708BB0D1658
Requests: 1 HTTP requests in this frame

Frame: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0B41C659E2FF9ECC4776C49A296E50AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86CB43A41CB99FC4820117C4DC1596E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7DE414DC243759C664C378D37E0D7569
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6564E832D7AF969567D7B8678D07AE7B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C8E5E137885016C3FB18942413134BD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8AB0E8AB19718759AE068C6E8C6A7FAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DD11E4956143CB0424FCE981AA84F12
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 615F2A228710CC43F7B7C4DAE9B7EEFA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1831750FAD745190322B15385B21FA8D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 16E92BDB6E5B9F289074ADF7A9F43450
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 36339A57FEF258A0082810453DD91854
Requests: 2 HTTP requests in this frame

Frame: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 47A8132CB127CB08EC767747DEC9499A
Requests: 16 HTTP requests in this frame

Frame: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 44B9ACF566F3E3581929485BEE84B52F
Requests: 17 HTTP requests in this frame

Frame: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4DFA99783BDB8F0AE3A7ED42FC35A440
Requests: 28 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: 127A84A3D1DBA2D2C9FD86D9802599E4
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNXJdhyvCWq5I-2Xqkj78OhAmD223UlKPRMzNnF1EFXsNAUQRppoMBclsxkkrlO5nL3gt9CA4SR5z5fNE48zd9GCWy0IZ914KZPf7V4LBSCw1X3cMl0CbFZkwTfhEPNrcSpaclRRoBTrvOAhp8HAhl2cOQnk9QV2RJ1x6o3DAzKlTRJVcbg
Frame ID: E603EC5BD1690568F9F93711E47DE30D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhj376nFATAB&v=APEucNUogv_0-A6p2e2tQedTNd6V-DPbcVP_Znh0_BbjrU6FINxNcPff2p9hLtdtitWYjFxypns_gGIoOdfXGNiU0S0DEMydCDkKwIRvZkdUMpKkhKDLjxDxbjrEoUjzTR0Irt8i9QQ-eeIUid9IkYv0e0YwLR1pcUU3nmUWQ1XibW6LI3IkmLA
Frame ID: AD74AF150FEF5773F3B37089D477AA10
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNURSGm5UkYt0ga1SA6FfsYCTOftXO0bvMcFXBs8ibLkPyrcK-_b2nPIFnfeHfKx77F7JiTOd5GrZ5rOBs4ygAjq_bfHVah59tR_9nMCAddDKwgxTMVmSctLGwWkUVnn4PTPqjICWKN9VvJ1-bNcLZINm1Lb_K9Md_Tbr4UQo4YEpQM8NoY
Frame ID: EBF1863515FF06E1F1239993E879E473
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: 4CAF87E4772E91135CDF2406CBB36865
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: F99A43575BEB5D6C7E10D4000ED2769B
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5C6F8E7D1B4A6F4AEB33A6967FFAEF4E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 419A8B78A6A5BF82FB9A402A1180F412
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA75F9AF1A82E5D78FBC11DFF188875B
Requests: 3 HTTP requests in this frame

Frame: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9B251B3008A7ECE0343610F7A66C7E3C
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=35876600050325800710618011902016&actionid=981741&produktid=&dt_url=
Frame ID: C463D092D8AEF99A8D0C9F5354A6ECFA
Requests: 1 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
Frame ID: 47457386E04E0A2A8E4A0ABE8C5AF9CE
Requests: 8 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123
Frame ID: 66D24975519F4BE33B7412760E930803
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=35876600050325800710618011902016&a=d68f1981
Frame ID: 95E66E4443FB05A8652B54080B88D270
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48553400055944800710612011902002&actionid=981741&produktid=&dt_url=
Frame ID: EA7A41DD3B69E18C4E0F7DB072B77B29
Requests: 1 HTTP requests in this frame

Frame: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
Frame ID: 1286FD7668C87629C3A775FB01F3F744
Requests: 8 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93
Frame ID: 6AC4509303F27010F757D12ECD9ED407
Requests: 2 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=48553400055944800710612011902002&a=4bd912d5
Frame ID: 9C7FA54CE24C1499F7163F1B873F6699
Requests: 6 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_473322_1647594551_1373a350-a69b-11ec-8df2-22307a82f47e&insert=AW
Frame ID: 1494D94DB6D45523C6AE8AD01559E1B3
Requests: 1 HTTP requests in this frame

Frame: https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1647594551_1373ca62-a69b-11ec-8df2-22307a82f47e&dt_mode=iframe&dt_url=
Frame ID: 85B09A9B586742BB0267025EC607087D
Requests: 1 HTTP requests in this frame

Frame: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 82D269D15BAFE72D1AFED16E313AF987
Requests: 10 HTTP requests in this frame

Frame: https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
Frame ID: 8D92E649C8CCDE95D913266DCE9E857A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB17D445801A000A9ADC8C0E25DF25F9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C290296430FCFDF8CBB56DE5BC0FB01
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hc7cq76mcmvxdj4f74vwdpswctv13j70d7x3vqbvy0yxjz6a9cvmymz0mw72y6ba4svq6xvr2xmvsxke06sk0smdt1t2ddbtxgg8myqbzf6hatttarffp5yyp7grgahxvdt2w33xsj56pr0xnfcwhyc5zmpg55gntggaaef1bsmx383e1nm7mzeky0jj51k6w35pkqns9gn4e9fbvn3g6s8racpcxk6sp657gatk0w98b8bvxw2x5a4takh8ypw8bvjsnzf3kszy77h26jegtm7g5yffzttvn6hj91mykrqtkmcaz3xttdk6jf9hjd13wvd5zbp9rahwv5xrr1jg3x4ax9kc55m59cgw63h3gsbvdq5az9esnzq0a0g6cejw62q0g5rgwzjr8afx30ndr9jxw0xqpyshxq86s4qcnnfpg6vcwjky&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%26client%3Dca-pub-4903453974745530%26adurl%3D
Frame ID: 695DD3427ABEF5426BF1C44AED802BA9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA1D217708F9E9A2DA1DA0F5B4E33FFD
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=30285800057875300383828011902004&actionid=981741&produktid=&dt_url=
Frame ID: 10F5322996497BECA55A760A0A38B0DE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B4C0303F7940EBA3B4D3576AD18D5E7D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
Frame ID: 72D011495DA5CC950E9BC32D9F9147EA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Frame ID: F5931C7F89ECFB0662553732EB3C66BE
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Leutholdgroup domain statistics - Leutholdgroup.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • leaflet.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

394
Requests

91 %
HTTPS

35 %
IPv6

58
Domains

93
Subdomains

71
IPs

7
Countries

4079 kB
Transfer

9260 kB
Size

76
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=5E11077EAE5A40309078BE55F0D67DB0&RedC=c.clarity.ms&MXFR=0CF84BD8BFB365EE2A8D5AB3BBB36BFB HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=5E11077EAE5A40309078BE55F0D67DB0&MUID=3D04E227B70E6A5F3268F34CB6656B63
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Request Chain 214
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjRMNukErPyztDBnYKzurgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
Request Chain 216
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Request Chain 220
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjRMNukErPyztDBnYKzurgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
Request Chain 222
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjRMNukErPyztDBnYKzurgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
Request Chain 232
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Request Chain 238
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 250
  • https://hal900016.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOWc2Nkw0YoWmCc74gAearbXQDbXN-YNX3Ny5q-UM8C4QASC52_MmYJXikIKgB8gBCakCozIxVt6Zsj6oAwGqBNEBT9CVSf3eBCPSAiDenf1DLNSXmC8xvYX7bX5NKmOqbF8YuCgFK-cgjz7RHOKbjxHQnxTnSLljqAAdRxKTqr7UkIyWHTl890ftDeOJBeS4MPq5cSs2FL05Uktrurbr0fECd-5NZJi6jgUF8-pTv_rlxGPgG7UitArXEbWnkEfgdICABFv5nLt1SOrfwuWboNvWnaSeh2b6MULqFiNGL5NVTf47xDbcqxZeSvQQkgXQ8POiyrHFLyC4PGhhjC4QY05q95oaEqfhjDOeRobeon5s8RLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw%26sig%3DAOD64_1V4zfGEzV6Qlq29o2Z79zAZdgFRQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DezRESCSB0gyJfBipKwZX2YPjpSKoK5IRDd7jFEMT2Zt-aiGGGadvNWX9Po0iq5rbjWzcEtrUXIZV52pG3rD_8W0Ocbnl4VqhDf17U1exNFuN2hqLHpy1sq5aiADKpzrDtV44zCots-IM0AXujSqt6xd7Ujw%26cry%3D1%26dbm_d%3DAKAmf-D20__uRhc-3PbzK_lKbgemsN-5vgNOIBsgzEPJntU5ZcErGrKqjTR2Z-3-6Bi0zq-6_HRd-2lwd68YscrILZ4MKXV6S7IhllTsCpJdq5XR_agI35bGmweKptKUSuine8Z4HpOJe-lEHT1aWX0f6bM7C6e7T8GS95iuPLQH9FLy61B7fnBsavjTTv4zNraM5j4Wtl7nHpXezB0ntHLC4XJYA8Sfn70llMMjGM98nxfCWDLZ97CKgu6UDeaQJmYXcdatCI2yq1cn94Py5LCGW012mYk3JTwev5XRFd9JGRJLkFwTJwNe2-k8cOzQ92Ouwkg2MsN0LI7g07CxCKWtz7WrpvFTR_CD9aA6d9ItfJiz-xRGzC5tbH3hcw5yaGPnrPExXtE8OBbkex6nJoa8FkY8R627BK0wR_fDozrU_Tvr0GoKCZjlSGlGnNzbZTbFq1jFUgJr7Tfvfb77RPIxw4m6TAPKBQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=453679453989&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900016.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOWc2Nkw0YoWmCc74gAearbXQDbXN-YNX3Ny5q-UM8C4QASC52_MmYJXikIKgB8gBCakCozIxVt6Zsj6oAwGqBNEBT9CVSf3eBCPSAiDenf1DLNSXmC8xvYX7bX5NKmOqbF8YuCgFK-cgjz7RHOKbjxHQnxTnSLljqAAdRxKTqr7UkIyWHTl890ftDeOJBeS4MPq5cSs2FL05Uktrurbr0fECd-5NZJi6jgUF8-pTv_rlxGPgG7UitArXEbWnkEfgdICABFv5nLt1SOrfwuWboNvWnaSeh2b6MULqFiNGL5NVTf47xDbcqxZeSvQQkgXQ8POiyrHFLyC4PGhhjC4QY05q95oaEqfhjDOeRobeon5s8RLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw%26sig%3DAOD64_1V4zfGEzV6Qlq29o2Z79zAZdgFRQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DezRESCSB0gyJfBipKwZX2YPjpSKoK5IRDd7jFEMT2Zt-aiGGGadvNWX9Po0iq5rbjWzcEtrUXIZV52pG3rD_8W0Ocbnl4VqhDf17U1exNFuN2hqLHpy1sq5aiADKpzrDtV44zCots-IM0AXujSqt6xd7Ujw%26cry%3D1%26dbm_d%3DAKAmf-D20__uRhc-3PbzK_lKbgemsN-5vgNOIBsgzEPJntU5ZcErGrKqjTR2Z-3-6Bi0zq-6_HRd-2lwd68YscrILZ4MKXV6S7IhllTsCpJdq5XR_agI35bGmweKptKUSuine8Z4HpOJe-lEHT1aWX0f6bM7C6e7T8GS95iuPLQH9FLy61B7fnBsavjTTv4zNraM5j4Wtl7nHpXezB0ntHLC4XJYA8Sfn70llMMjGM98nxfCWDLZ97CKgu6UDeaQJmYXcdatCI2yq1cn94Py5LCGW012mYk3JTwev5XRFd9JGRJLkFwTJwNe2-k8cOzQ92Ouwkg2MsN0LI7g07CxCKWtz7WrpvFTR_CD9aA6d9ItfJiz-xRGzC5tbH3hcw5yaGPnrPExXtE8OBbkex6nJoa8FkY8R627BK0wR_fDozrU_Tvr0GoKCZjlSGlGnNzbZTbFq1jFUgJr7Tfvfb77RPIxw4m6TAPKBQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=453679453989&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 251
  • https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM87tNkw0YvveCsmTgAeVmY5Qtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQKfSyAyV5myPqgDAaoE0AFP0I32Qq1qEQ7m_8NlG4gq7zP4jSBpWnI8O_xIEUZeHhRj0p5KVcCPI0_IgqTLTAza1kMoCT_wM1mOBCF-uHSM1sFiH_UAXV0b900-xufa5bhjp1SSDsj4pZ8vXtVmxuaN4JUg75Wn-ma7Fl269YPHDEl079XXjj2TYhbl2SM6rDmochY7SFNZEUITMHhf_BlGchBjFvvV_PH6Xkzyu4s9EgRmqkJ0VR8mWpkhIRolJDgtQ3ShmYb393_rACcCx6JUzLIN3sEEgR3sXYMPSXkHwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o%26sig%3DAOD64_1b-AZPCc2x9WnocHuqRy1QGLN3tQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CDNKb6BnXFEa1FSxWm4pNo1lHtR5UTE1DeMC7hWDGIAbMYygXo_zgnVpAspBmjsSUm1tHSm4O81cbJmEFuxP0eILeKdEZAfXteNDXbslVWLvja0zQ9d07nl7kgodXFFF0VSpHi50R7KTPK6KmnG2p9iG7KOw%26cry%3D1%26dbm_d%3DAKAmf-DC4K5bl471eLgqGYf5mDcu3OgCnApXWB8ExlM3bvh04Y0Dn7lGIdoiSm6S91rXS0kBwM7Dif83qG8uu3ON61b8sQNYbRdamVIrBAQdO2Qxecb0GGokZ4mt6N-kLwzA8v3Dx1GYLkValu60VdS3xeNWUxxaEgQyg7MW3LzMknEseTqnW_suSaEKt3wpoUwVnw_NcwS2oLzahLTxmA8i6HOzEz6FiNZeaCowT8zGc4iyQmpnjpsHLewOox9vK4gVDKDREgnSxJdpBiTkcTeJaO4QsOu75w_-qUVEF0b8K7GcMKqHWDtaxbRaQjIAYKSJyZtCjeG_nQxY9NDe-cjZVyhDUjxpq7WH_BQYBX6N3gvKqxWqVGlT1dZkquQEGLc_sYZ_1X1r2oaGbH2exWmPUmF5hKDNGrMyw8I2EtZ_kPXAQSQNYvq3DN6evJon3cRdf2UjmtHCoc4emyA0B_JrcQITwQIqpg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5367116263432&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM87tNkw0YvveCsmTgAeVmY5Qtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQKfSyAyV5myPqgDAaoE0AFP0I32Qq1qEQ7m_8NlG4gq7zP4jSBpWnI8O_xIEUZeHhRj0p5KVcCPI0_IgqTLTAza1kMoCT_wM1mOBCF-uHSM1sFiH_UAXV0b900-xufa5bhjp1SSDsj4pZ8vXtVmxuaN4JUg75Wn-ma7Fl269YPHDEl079XXjj2TYhbl2SM6rDmochY7SFNZEUITMHhf_BlGchBjFvvV_PH6Xkzyu4s9EgRmqkJ0VR8mWpkhIRolJDgtQ3ShmYb393_rACcCx6JUzLIN3sEEgR3sXYMPSXkHwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o%26sig%3DAOD64_1b-AZPCc2x9WnocHuqRy1QGLN3tQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CDNKb6BnXFEa1FSxWm4pNo1lHtR5UTE1DeMC7hWDGIAbMYygXo_zgnVpAspBmjsSUm1tHSm4O81cbJmEFuxP0eILeKdEZAfXteNDXbslVWLvja0zQ9d07nl7kgodXFFF0VSpHi50R7KTPK6KmnG2p9iG7KOw%26cry%3D1%26dbm_d%3DAKAmf-DC4K5bl471eLgqGYf5mDcu3OgCnApXWB8ExlM3bvh04Y0Dn7lGIdoiSm6S91rXS0kBwM7Dif83qG8uu3ON61b8sQNYbRdamVIrBAQdO2Qxecb0GGokZ4mt6N-kLwzA8v3Dx1GYLkValu60VdS3xeNWUxxaEgQyg7MW3LzMknEseTqnW_suSaEKt3wpoUwVnw_NcwS2oLzahLTxmA8i6HOzEz6FiNZeaCowT8zGc4iyQmpnjpsHLewOox9vK4gVDKDREgnSxJdpBiTkcTeJaO4QsOu75w_-qUVEF0b8K7GcMKqHWDtaxbRaQjIAYKSJyZtCjeG_nQxY9NDe-cjZVyhDUjxpq7WH_BQYBX6N3gvKqxWqVGlT1dZkquQEGLc_sYZ_1X1r2oaGbH2exWmPUmF5hKDNGrMyw8I2EtZ_kPXAQSQNYvq3DN6evJon3cRdf2UjmtHCoc4emyA0B_JrcQITwQIqpg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5367116263432&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 261
  • https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=20183412367&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=20183412367&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 264
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=35876600050325800710618011902016&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=35876600050325800710618011902016&actionid=981741&produktid=&dt_url=
Request Chain 265
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=35876600050325800710618011902016&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
Request Chain 267
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123
Request Chain 269
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=35876600050325800710618011902016 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=35876600050325800710618011902016 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 271
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=48553400055944800710612011902002&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48553400055944800710612011902002&actionid=981741&produktid=&dt_url=
Request Chain 272
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=48553400055944800710612011902002&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
Request Chain 274
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93
Request Chain 276
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48553400055944800710612011902002 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48553400055944800710612011902002 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 289
  • https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&pref1=30285800057875300383828011902004 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=1373a350-a69b-11ec-8df2-22307a82f47e&v=11354&r=473322&q=371931&s=2470208&viewref=30285800057875300383828011902004&pv=1 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_473322_1647594551_1373a350-a69b-11ec-8df2-22307a82f47e&insert=AW
Request Chain 290
  • https://www.awin1.com/cshow.php?s=2840009&v=20646&q=409071&r=473322&pv=1&pref1=30285800057875300383828011902004 HTTP 302
  • https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1647594551_1373ca62-a69b-11ec-8df2-22307a82f47e&dt_mode=iframe&dt_url=
Request Chain 323
  • https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pref1=30285800057875300383828011902004 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=13acb4b0-a69b-11ec-8df2-22307a82f47e&v=11354&r=473322&q=371931&s=2470208&viewref=30285800057875300383828011902004 HTTP 302
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_234x60?format=gif
Request Chain 325
  • https://www.awin1.com/cshow.php?s=2840009&v=20646&q=409071&r=473322&pref1=30285800057875300383828011902004 HTTP 302
  • https://cdn.ad-sun.de/STIHL/Werbemittel/Logo/STIHL-Logo_234x60.png
Request Chain 340
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEO7DBlLMXbmWOTfy0fGxZ_A&google_cver=1&google_push=AYg5qPKwehFFM1gqQp0PUiwFfMw7zXKl4RizHrvBjgObYdwBYcOww9SDBrnyljaMtpAsE59PDoIgyijbdLCpHmmRitunn_jYMR-C HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO7DBlLMXbmWOTfy0fGxZ_A&google_cver=1&google_push=AYg5qPKwehFFM1gqQp0PUiwFfMw7zXKl4RizHrvBjgObYdwBYcOww9SDBrnyljaMtpAsE59PDoIgyijbdLCpHmmRitunn_jYMR-C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKwehFFM1gqQp0PUiwFfMw7zXKl4RizHrvBjgObYdwBYcOww9SDBrnyljaMtpAsE59PDoIgyijbdLCpHmmRitunn_jYMR-C
Request Chain 342
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg
Request Chain 344
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO2bZkfDidCSzbFlQUe39HA&google_cver=1&google_push=AYg5qPIaFT55szbG6qxwTx5Khd0HexHJC5aJ5YoMwtr-nKxkBPIx2-RtvgRFtfSVh8QnlUo4jTCwN0X4JCe9BWufvdQqGLso0s9KIF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIaFT55szbG6qxwTx5Khd0HexHJC5aJ5YoMwtr-nKxkBPIx2-RtvgRFtfSVh8QnlUo4jTCwN0X4JCe9BWufvdQqGLso0s9KIF4 HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 362
  • https://insight.adsrvr.org/track/up?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
Request Chain 372
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022031810091365820154449X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022031810091365820154449X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Request Chain 375
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022031810091365820154447X117663V1225131106MSoneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush
Request Chain 389
  • https://ads.creative-serving.com/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse HTTP 302
  • https://ads.creative-serving.com/ul_cb/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
Request Chain 390
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=100 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=100 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=8b7b2f62-4e7c-4c50-b7af-7a241ea0ddc2&gdpr=&gdpr_consent=
Request Chain 391
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=952 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=952 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/2446c753-8c3f-4de6-8751-a0262db34d5a?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/2446c753-8c3f-4de6-8751-a0262db34d5a?zcc=1&cb=1647594554488 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d60c8779-0559-42ca-a371-e7bf7852a79b-003
Request Chain 392
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=686 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=686 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2446c753-8c3f-4de6-8751-a0262db34d5a&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 394
  • https://dpm.demdex.net/ibs:dpid=393426&dpuuid=6932b710-e65d-43e5-aa65-b14b357229ff HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=6932b710-e65d-43e5-aa65-b14b357229ff
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
  • https://ads.creative-serving.com/gcm?google_gid=CAESENx3Fjvn7h95Efe5wvU0rZw&google_cver=1

394 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request leutholdgroup.com
nets4.com/domain/ 		48 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f8de28be6266e32ae54e000b2289baad87e650aef233ab68854aeefa90609e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-type
text/html; charset=UTF-8
cf-ray
6edcd3de49eb9229-FRA
cache-control
public, max-age=86400, proxy-revalidate
last-modified
Fri, 18 Mar 2022 09:09:07 GMT
vary
Accept-Encoding
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3AymhhKpF88WS8OFJnhjlwkuDwW%2BxWA9mWoMLaEFrEMybZXfntpHgxbjMWHHF42LwBBb8OcUYtQ8PeCI3pnHOqzpm5gJl%2BBY17VdzzE8oEabr1yQvdNnqUyeVseFAWEuGofW7XBcnM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
awkqrI1qzYcE0gTfW6uXyLl_1bA.js
nets4.com/cdn-cgi/apps/head/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/leutholdgroup.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4481152
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9EFFKNMVH8B97R68
x-amz-id-2
sOI1p9/KlsENRRkBl9xx0wei8HBpqMsxO9USbnnukGMB5MI9Sa53WVCZPBipV5tnPramyDVhoGc=
last-modified
Fri, 10 Dec 2021 11:06:12 GMT
server
cloudflare
etag
W/"e951628ea64bbeadb19c6d855ca98c7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viGyOniGug10HJaptQUecVfzykGRMEo94BI093Y8iLWtpjcwj871RJzM8CPGdwQrDRfk1CJX2Qgjv%2Bs42Y3NztibnEKiLzDec3pUwJCKei99uUp0m%2FUdXMz9CPnuZkic0Xysn7%2BTS2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7KspX51u1Msx7FcOmJWweyW7FbGqzJNg
cf-ray
6edcd3e27ece9229-FRA
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/ 		157 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1551849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17620
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-44d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9VC7IQzDIKS806laLJYp0GT0CajL9k2mpcSXv8BompXAJHoVfamLDtLJtO6FEwWy2RK4npKZnBd3k6EJSjS5C7qFMUII6tOG%2FvwboDA80W3aJyEGPd1X7xnFXYgz1GchRSz9dgqfRSdtPh%2BOoVfQtXT"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e2bf5f9a0f-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1768121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U00JgSNvWNipAIMzT7hLCe5ZIXMVyI%2BjJAg8DWryhqaMvdtffiPSGEdJEJhYRYiCVpFDEVi%2FWtCRAMWvJ4VrnmVaMG6dR9gXS6fvIaGoCYVvK2x1ozcdrefHrcC9FOakDNgPxXqglnqf5sQoucafopk0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e2bf609a0f-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
style.css
nets4.com/assets/css/ 		345 B
567 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nets4.com/assets/css/style.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/leutholdgroup.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6066
cf-polished
origSize=451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 01 Nov 2021 12:55:19 GMT
server
cloudflare
etag
W/"617fe3b7-1c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKam%2B1ZvAYTy6PijvVrxh4qY4g%2Fhz9FLJ3flzUitcLUF%2FgOHkoHTeFF5IAiMaKzBt%2B9M%2FxU0vSDaaXCrdUzl3lNFUgjxGbl0zSBAyu1q3ltTcO2SnCHWy2G65TcGngZhaOexSfUA014%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
6edcd3e27ecf9229-FRA
cf-bgj
minify
invisible.js
nets4.com/cdn-cgi/challenge-platform/h/b/scripts/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647594000
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a6f0e947df4965ff39a4d44b53c4520220380451160d34a443dc0d4e841bc44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/leutholdgroup.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pl0uvfb8CERtT7JuxUB57sCh2FJ8pyDvYym2WV7TncuSCBnTl2roEPOQ%2Bc6im6QrgWVUuqiSeiciuH6kAL05gfL%2BnCPuvC0YavphMwP7izw7mQ9VuScaZQYFjICwoqfJj%2BV1hDE%2BfjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6edcd3e2bf89902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Th69y9F.png
img.nets4.com/img/i.imgur.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/Th69y9F.png?w=120&h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4481106
cf-ray
6edcd3e2bf169229-FRA
x-cache
MISS, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3395
x-served-by
cache-sea4480-SEA, cache-fra19126-FRA
server
cloudflare
x-timer
S1643113442.892758,VS0,VE1
etag
W/"6df89d86deba278d112332afb4bb100b1a6165842a7fdb7f78a5a70c7c7218aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfWJS8ZSfu1vt8AZlSPQ988%2Bm491v2J8FikyZLkw6HZ2Pk0ZK5TJANm9g5K8OPkYDl2BgBd%2B%2FfG4HMWWossRQOIudc3687WcE1FKWVE3LQ%2FS1jlswKCAau9ILk%2BgLF4lzfRxaKkx2%2F9q5wuR"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Th69y9F.png>; rel="canonical"
access-control-expose-headers
*
58T3Wrl.png
img.nets4.com/img/i.imgur.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/58T3Wrl.png?w=20h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4481106
cf-ray
6edcd3e2bf179229-FRA
x-cache
MISS, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1117
x-served-by
cache-sea4474-SEA, cache-fra19154-FRA
server
cloudflare
x-timer
S1643113442.854262,VS0,VE1
etag
W/"86d32e1b83f7c87590ac6aad5f278dca67bb9675a7a7869ed47749c6cf91763d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHgOA0l6SNUJ0JAh5BO%2FMh%2F3kNoELntvF0KE809yo4OasiAEGCAwEzFruZP5DOyZJdLAGrR6yYeAp3GJnBGI4VmzJEEsZieEmehTZR3t4X7IJuIPsAY4xlXczV6GzyH%2Bb3uGrmdiJUVLhzcv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/58T3Wrl.png>; rel="canonical"
access-control-expose-headers
*
leaflet.min.css
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3679106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2153
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e135-298f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imBXm%2Fh9nkgRF0V30bIDzRei0Fljtckdzw94OoG3A%2FKdLxdvDgNVX4Sid3qrwcyguK39%2BcmsuFCHbAhsx7wslKUz2xZmYzfCb5Ta%2FQcDH9Jf2%2F46Kpvd%2Bv3P65BgZjX82a77y%2FsurEV3EHOiJBWOKDjX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e2cd2f6904-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
Zc4iwuj.png
img.nets4.com/img/i.imgur.com/ 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/Zc4iwuj.png?w=15h=15&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4481106
cf-ray
6edcd3e2bf129229-FRA
x-cache
MISS, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
814
x-served-by
cache-sea4422-SEA, cache-fra19179-FRA
server
cloudflare
x-timer
S1643113442.858475,VS0,VE38
etag
W/"ef5e715e8edc5303224592e859bd4f82e513e48ef6932a25dfb6f389dbaed4a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khvNCOoOJ6R243Gm%2BX%2BlIqcEQK5iTekqEZSv%2FgGBndOd2eu6%2FwO8DR9m8etCMZlkMD8TVl%2BJpcqkC3S6HLIbSVLa3ubZ%2B6QkiuYXGRU6FnzWCSr1ihpEO5EULhWEK32cwNuPbgivE9CRwc6x"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Zc4iwuj.png>; rel="canonical"
access-control-expose-headers
*
email-decode.min.js
nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/leutholdgroup.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Mar 2022 18:25:01 GMT
server
cloudflare
etag
W/"622f887d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BNH0Ra0rIgt1nJeRm1zP7HjlQWND2M0VMS5uAeYVbaVp0WLWHlZ81dVR%2B0xkX0%2BffENOxKuh9VnQ3BiqGloyKCP9RZ%2B9ij%2FZXI7vk3GHn31pYpj3tIN6EEIJ5Evqghcf2MnLI63ItM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6edcd3e2bf85902a-FRA
vary
Accept-Encoding
expires
Sun, 20 Mar 2022 09:09:07 GMT
rocket-loader.min.js
nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/leutholdgroup.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Mar 2022 18:25:01 GMT
server
cloudflare
etag
W/"622f887d-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNkJDeZltpyWy%2BsmAhXnqXZdOB4euAwJ95m%2FZ%2FPUn%2FaIVD819a%2Fq1Oul5JeH86DGz%2FPBk69%2BYBx9WesZWsH3JQAvkhDgnqBwoxPTDbwb1CpUZKkaK1pNvi96FXOeSAdhJlvHAVc6PY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6edcd3e2bf8b902a-FRA
vary
Accept-Encoding
expires
Sun, 20 Mar 2022 09:09:07 GMT
W25b9ht.png
img.nets4.com/img/i.imgur.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/W25b9ht.png?w=40&h=40&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4500055
cf-ray
6edcd3e3180c902a-FRA
x-cache
HIT, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1574
x-served-by
cache-sea4420-SEA, cache-fra19149-FRA
server
cloudflare
x-timer
S1643094492.028469,VS0,VE1
etag
W/"ee80457266cef4b485c3668cbdd5f67e7ed204e94a46f041afd17fa27c93c945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIFERoBhf6PBLeT01Yc1HM8Z9v%2FelrC%2Bz3n4Smj3SimrwsHdVboM9qQPrhtkBoCVqw6Up8spN1ZK0T4YVqnjWR3f56MH7oCSqK514uGE2QxALStYVTVFy%2BNTSlO08R%2FHEqr10Xjw%2FJPJIVQ3"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/W25b9ht.png>; rel="canonical"
access-control-expose-headers
*
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1551046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khlJG5%2ByGDquv1ucEejCltAKh2WAKIH5thaqbZ%2F3cmIzWmYkLSJ5gd9fDelFjmJaYH5%2BMjJ4VlN%2BT35tja2F0xlJdwH4yLp8Qbh14rVEcU6C0gb2KlYKgqpbj9UOpPbj3O084PxASCi3XnsPsXe6HXwg"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e34ab4995a-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
7197f77c-52a1-40f7-8e70-cfb66ec8cd92.png
s0.nets4.com/s/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/s/7197f77c-52a1-40f7-8e70-cfb66ec8cd92.png?w=500
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86b7c43f3aec9ce4633f91c0df776f2662bd3a326af0a5e5707dbfcfcc7c817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
209273
x-served-by
cache-sea4471-SEA
timing-allow-origin
*
server
cloudflare
etag
W/"ff57bf05b762fa13cdab924cde72536b5d1cda56fe7aac360298584f65415fea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaQ2bOluzs3prYkWahJsqL6M5rxK%2BRfL9pZuhq2Pmkz2zHMN8%2BfWDSFdYlm0qHXqu4cMXzcXbP%2BfHlLPQKpqZli%2BVADjRJqUHmubQdboqPXAdxXm2OKK1YxVDrewD4MjV24NGmEW5Cu6chY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6edcd3e36faf9229-FRA
link
<https://urlscan.io/screenshots/7197f77c-52a1-40f7-8e70-cfb66ec8cd92.png>; rel="canonical"
access-control-expose-headers
*
leutholdgroup.com
img.nets4.com/favs/ 		444 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/leutholdgroup.com?size=32
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de53bc96533bf3c6e906a524d8e7b4d0dee9b8b527408ed8d0b1c7c51468c2bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
444
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 09:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arJlzVo9ZHVB8S%2B3otWWF%2FXyjOEbjwz%2F0Y2XTxX6Tk%2FSLZlXSBFfknq3yXgp9zwqa5kK9lxib6%2B4OJ9jy9VcEAZbxa6%2BJ9bZfi0Z45l0IZQcCpSGor1wF2e0DE%2FYjWI%2F5QWlI4%2BA7nnsNVd%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e35853902a-FRA
leutholdgroup.com
img.nets4.com/favs/ 		370 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/leutholdgroup.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbf738498a51a3b102576cee6763614fa2cbaa5ffd22630d5e14c9be1ae090b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
370
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 09:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmvZ7TjMgd57wmjRU58QMJbJhuEtGdZC2ks7ij1Rzxe6bsg2bkOYWlEXyV2ezbyJdq7XDrKuYkRRUG9odlKg5Wl66rWIqeuuJz7TkdpL7swi2CO497%2F1rUWUqjXyUTUtqOusBsZ1xavJQoDE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e35856902a-FRA
bitcoinmarketcap.net
img.nets4.com/favs/ 		556 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/bitcoinmarketcap.net?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36323d83921572000db1cdb1670f1dedf44b977c484b9fd08fbdeb7977d5d3f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165130
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
556
x-xss-protection
1; mode=block
last-modified
Wed, 16 Mar 2022 11:16:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEJO1%2BmqDnmE283S%2Fi1%2BsowLuAn7chpyiCxLZICW5696TxjsVL59mUptrhEua5BjoZeo3zWDBIHDjOd%2BR3sZKKKR2AwkbW%2Fr0Z18jXZniYeIWI8AfwYEQUSH2Efy2OzkC68QZ7c0EdsZb%2Bmw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e3889a902a-FRA
lakshayarora.in
img.nets4.com/favs/ 		70 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/lakshayarora.in?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 09:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A54OVLVxkumkU%2BGTNS4n5UQoIAPlBexGHZ9Ll3jIPL%2BiTAcQxc5h4jLwV%2B3ox2CeYaeolo7wlTxjXSmaTE6Es%2FUlH6keVjdNVar5P4PLMZzpmboS0HvSwLt5qOyzVPQXaNyei52pF5mG5Ux"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e3889c902a-FRA
vauban.io
img.nets4.com/favs/ 		439 B
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/vauban.io?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7748eb42c493e93ff97de568395a8bcb813b907a38ead1b975b9c8f67994dcd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
439
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 09:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4JJNGIh3de25cNVkKZu2kDThTUcFf%2FrIuCgBmCEg942BV%2Bc%2FdLJ%2FelvNSUdwqi3VWQXl10yPYNftJzdyWy%2BMzisTIElOMPil6qVfTfOuLSyasXAWqgJWmD4yzCUd3gs8lcg55Sxfpk1vDwS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e3889d902a-FRA
bitcombine.io
img.nets4.com/favs/ 		595 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/bitcombine.io?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee697fe2ccc5fb8738aaf63fae53cfc5adfbebc0f31304f5f5b30f50311f0520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
595
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 09:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEId0JH8jACH7jIi7gA3DiPbyuzkwjA62YIy7Pf9cBOXiewTRjt5gLvRCZhteP9Ltp9NU9TOqaN72WgnXcj33pWE0K%2FUXVhtyKbtyoOYC8zT9BwsRakBxzR%2BqFiyfq93cCqP809HwFHyZQKS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e3889e902a-FRA
fatafatstockscreener.in
img.nets4.com/favs/ 		445 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/fatafatstockscreener.in?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa77b0034fdb8edc7d880ebe65a204a51560b9356c42c41a2d57d1f91bae022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
445
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 09:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIbMXCWZ6tIMP5mS5H3kbRW6hZmw0XA0%2FDtASOVQgmc1Y%2Bend3soO6oicpQjII%2Fgy4cesGlcVBskaFMmHwW%2BeLmIE%2B0v9vVXpvOio8sv0Pykn7z%2FZfLr%2B08bEdLGYPGPJwA1mLyMo7P8bjD8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388a0902a-FRA
cornix.io
img.nets4.com/favs/ 		407 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/cornix.io?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0aac8ca16157d282cd762db6c88c459ca70631ac3ffce9c40759202e5a7697f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
407
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 09:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFxNq0Mf%2BhjJgbgifrgXxn%2FdIYTOIN6YklhW4SACgBfLC3iFZrJfz4aq0lW2%2FIRdnKtz0VNMEpf6RNG%2FXoOGf6gABVM10KsFJPnFM0nmqwaHb7YAFHdGtceLHwtTMsS%2FriwwGzuUIO4F45Fp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388a1902a-FRA
backlinks-discovery-chart
s0.nets4.com/charts/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/charts/backlinks-discovery-chart?d=leutholdgroup.com&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a9cd26f81bfc3c4d11b9b89e54270a0daed52c34e361d45aaf9b44f4c7a2cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33590
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ok7s0o%2FVrXmaH%2B4toZAMJKDDPpQgdAtyNQvIAGY9YTZBftPvTAEoJFsE2xTHoVFzgfhkkyhh49mj7gngwEwYmYQFfe95QXkU0iU9fHZ2eDQZ3cGhh7Y8rGlkptdUpeoT7a2DG4BVc3HcaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6edcd3e38fd79229-FRA
expires
Fri, 25 Mar 2022 09:09:08 GMT
referring-domains-discovery
s0.nets4.com/charts/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/charts/referring-domains-discovery?d=leutholdgroup.com&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89103bb2059b02d45c7e0c41e101d67f5451f8d9f0fe24216db52c6d0a5b123b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34532
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nu57vDgTO3HK9cZOOY0JlsHOxwz56ek92e4zHZlpBS8xxYJvFXxulHR16qA02bBY4nuJ2qFnwfPQGsQhJQvcksMc3CWgKGlXppJOjt%2BqQexvhyY2TxIRQRDxHg60TD4Fb3si1E9E5wUW93o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6edcd3e38fd99229-FRA
expires
Fri, 25 Mar 2022 09:09:08 GMT
gogoanimetv.io
img.nets4.com/favs/ 		542 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/gogoanimetv.io?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
067e05db46d7b0ff5c2353709f0ce076dadc6322f4d0ce56583bf7a9d233253f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
542
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 09:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvllswL1neimD1uVL3lFZ%2FmTz0iRa2ccnYpFuGU4oA3IHu1OIRWM7JuWrvuJ1GuNXwG9Vf8u85sDnXUUrV%2B3n0whHfhdZ09gq0GwBCst43F%2FJVnevgicjN81ITJVyYqzNG%2FkhdFW4tN%2FbLk%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388a2902a-FRA
zajm-onlain.ru
img.nets4.com/favs/ 		827 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/zajm-onlain.ru?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f26e4088529d0493c50ce024432179dfa928ef0779f580cdd1cdba76fe361ad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1118
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
827
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 08:50:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keg0U4e4ua5knUxSEbofEa08ru9IJLO0toEkx3BgIWnsuBRbf%2BZY5bltft74JSdMhtvUx8XGSE43GcwswGwP0y6kLguCyPx0wqeHhvOcz3g4nOt12dQ3bVCo7DSPFotnEZtZFTWSAnWawLHa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388a3902a-FRA
casinomidas.it
img.nets4.com/favs/ 		727 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/casinomidas.it?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c59cbf0b1804f531b58f37dec30014554fa18e7c8ebe9a7fac9104de86dea6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4548
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
727
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 07:53:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L85gx54lnC%2FxF1%2F9el3EkE20GgzRCnlotVjVV1tiyB6BtJEwoRjWy0LTHNqdktalLpeD5E5WbwPdANjPIQ5czNY0Oq4IwTVFoAYjbZJhQ7kiQey%2BW3OV6aa5xoojBhaY45Ycv52qaYdCGR3y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388a6902a-FRA
responsiblemining.net
img.nets4.com/favs/ 		317 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/responsiblemining.net?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d600d7bb49d28ebb861046568487474337e834385421f2c58d7d91535e3f62ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
317
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 07:43:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is%2FNPYPJZG6LFWZ0Osz470nhFb8%2B2ET%2BNP4HwcU0F19q3xRi6sZaVoTPjvpnlFzQoWH1VY2bNL7yy9eaPKdSTNQ%2BRJJDeTSJ1KxY7mNI7jLYBG7xH7sCjJlbXjSjYCK6Kt3nlZ6oISD%2B6y4t"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388a7902a-FRA
merojax.me
img.nets4.com/favs/ 		508 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/merojax.me?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e283f353447fbc213369a85d88aec37863de9a46f0c18f69a1f001aedac77deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10724
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
508
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 06:10:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOJEWZCBMbjrND98LUc86Zs%2F6f8%2BzLDF8AxFjnnT%2Fh9pBlH%2FC1H9vLlz5xQKKFnNdSSD2ElCkD7Ay%2FsJPbRmOzhCcGmwGxv1aYUHNrQPtzMn1u3kXEt%2Bn9VL6KPx3dWDJYaImq4xQgPli3Zr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388a9902a-FRA
hashrapid.io
img.nets4.com/favs/ 		70 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/hashrapid.io?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14448
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 05:08:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bE3ff1JOrO%2F%2B5vNEkrj66xJWhSwIsZgvjq2mguxZW11kLBFEG9CzHJeOSQ7Hgs%2FACab%2FGv%2Fk9ddoOm7RtlxbTWxTXfBQ%2FjsJ5KtfEeeUMlfAbwlDpNBDtWcPMgX58ni%2B0c1%2FljjtdwPSwSv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388ab902a-FRA
bflix.to
img.nets4.com/favs/ 		70 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/bflix.to?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14448
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 05:08:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UN4%2BvJ5tm9GQ39RUXSLrD5lY%2BkpoSluGXN193yu0hspW9%2FyZLRAH3fkcPV6bJUtzS8Cz1PvWQScLJUN%2B59At2%2BPOUHJncK4H5HZdPf66aPsCPkyVOtPukK%2BShb1d9V6zk6ONCK1vv5WSKnr6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388ac902a-FRA
ev01.net
img.nets4.com/favs/ 		532 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/ev01.net?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831638ff326e9da0d644ed8c84a9bd16237c810cd7d6d82a461ff767bcff4dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
365836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
532
x-xss-protection
1; mode=block
last-modified
Mon, 14 Mar 2022 03:31:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gh6dnAaITxGx7QZj6XK%2B%2BUgkeqdRp3xGY%2BllL4jcxm8PNukVhsq4GkB18eT%2BS0ZuXWFN%2FGsmlObSz1ifTuYM%2FpXXYr%2BqFv%2FuBnR2Gnp8UvNDsGhjNm0xXNzkIDxK5HhPGyhStPSelZRZRDK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e388ad902a-FRA
leutholdgroup.com
nets4.com/domain/ 		15 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nets4.com/domain/leutholdgroup.com
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nets4.com/domain/leutholdgroup.com
ts-request-embed-key
fd541812-1a66-4ce1-8123-7b109f8d7350:826baf82ef8558ccff507d43c1fe3a9a8b4ab41acf014e53df9687b89e279ac0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ank4WaSIFO1J9xaF0yPnJ983oIg8sZDOC9OccJQI%2BMxj25yslqrXVDjv3SfXqD9SbOsNpSCbTn6Z70hbI7291K1GyQ2j7%2BJy%2FiUMY%2FVMRoFGmzTxopB9CQ%2B7Luf5paU8%2BS179%2FDCxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store
cf-ray
6edcd3e388b2902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1778619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-12bc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OCGCDX%2BcNeVSmQhjuguT%2B7YqEUNocphVt6aFBYcuSmWo2JhWFOFW0YuTuQindGGsx0kT2M%2BOOIuwHVbU3AUfPYwdlieartz6gEkPs%2Ff80VNckUZ99eea7N9tSwz6tXDuPclnIjhK5tf91nug96OIwny"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e38b3b995a-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
dofollows.ru
img.nets4.com/favs/ 		785 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/dofollows.ru?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2574daeca78fec9dc06b09ccc2fe17139157972997411b17e489db6d020930d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27823
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
785
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 01:25:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JbQfChfENsXw2f5fZYldnKErtd7N7NSalVPAOaINpJ7ENK%2B8P4U5jxLV3g7U3ZSxfDC4KXSLsszZKS1drCGl0tKM7NezcfbS7UVc37A3%2FnB8zjJvTN%2F%2BC1MZTzHlOf%2FeIdjPjZ3cZx9oRzA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e398c9902a-FRA
jinfcw.cn
img.nets4.com/favs/ 		70 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/jinfcw.cn?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27823
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Fri, 18 Mar 2022 01:25:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yPH0qblQtSQoSCmmgXF1QG4LueTtpSMAKl865j4VuvGgyc67N3abD4ILBYIMWIR%2Bah08kjVf1OTQVdrLK2icvPR6PeAx%2B%2BgunFCIvgM5aEZO%2BkKSXeLTiJQdMSxwEB%2BlCI10NuGOLkaaLEQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6edcd3e398cb902a-FRA
leaflet.js
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1844395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35659
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-22a75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0f5NeGD6Wj7KTKXSNesoH%2FkcUENBQ3jLBAGxOL4IieG9nvqTZMzu8fVkRyakN3X1eclrtVHu%2BuCjFu8vN81KIuZuzwOIVNXXVF1UxdpEx%2FZate2tc0JwKWixVviOOXuhxgHRARJjkQ%2Bh0H2zdHTX4F8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e3ab5e995a-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
agent.js
cdn.purpleads.io/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-40.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:36:56 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 09:36:51 GMT
server
AmazonS3
age
84732
etag
"6b17cf687f43a8f73178a58f89d7d60e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10487
x-amz-cf-id
IEo09hSbkBKlvN5OKwmCCZIRXXtSqK26KuL_Ig-_l_PCrEBTGvud6w==
sharebutton.js
nets4.com/assets/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/assets/js/sharebutton.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/leutholdgroup.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5697
cf-polished
origSize=120806
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 03 Jul 2021 07:08:27 GMT
server
cloudflare
etag
W/"60e00ceb-1d7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jml4YsAkJMSgfAvyeTBIWYefEXkTWDmlSI2HwLfj2J8JXDjp7gmWLYKRGPcf30p2ECmfrGGRPrIJq36MuCSuC98Bx1Tqv%2B%2F1I51zyK%2BSb2hbxgLdV%2B%2F3OFHVYorXJX1s9A3yeQ%2FK%2FIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
6edcd3e3a8d3902a-FRA
cf-bgj
minify
load.js
cdn.purpleads.io/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-40.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:37:12 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 10:12:20 GMT
server
AmazonS3
age
84728
etag
"46df8e234dd4307137411d6b4887edad"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6702
x-amz-cf-id
ZehJKRgrOUuXXWi_8U34PVjcCX_D14PXXqXQN9GQYurAHiqkIONoGw==
api.js
www.google.com/recaptcha/ 		850 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
32a97e6497cd6c3a611286892f51f127409221715c0cb3f2795f8c480bc76de4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Fri, 18 Mar 2022 09:09:07 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1528961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13102
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-332e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMf%2F6pvtethA5VahTrovWFjOvUKBuX0HKur1VNUYNT5xT19EV96wWlA%2Fqonl2FDCZVpqjRI7HqP1j6JzELxaANpnKscXCXABhBmxDcr56SptG7%2F6vJ87gjvAqAMrhmRtPn61Rs2roNgXqSlK91yxPs1g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e3b9649be9-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4497232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6107
timing-allow-origin
*
last-modified
Thu, 02 Sep 2021 17:01:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61310375-17db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwRIB2WvP0t6cQCx1BSRJp7EdRx3gZs8EJr%2FdA%2F9JlNw%2B9S82FY5iv9aWTTLoxPHLd0E%2B5Kmv0bPFKvFRtVDbOAjhUWY2wHuyyAuC6BYQ%2BAtqRHBXHrjQP%2Flnuw0tqAmXZqVMRPtTtWuByOApeYsRoL%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e3b95f9be9-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
744155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLmrwnArxdxnSAl5byf3fL5%2FmJ9Tdk65q9ecye%2B4PrJ%2B5Jy86Z7Spn8AGnZPWrMxGZoPvKBj2wA9PxOFfLVKQwu8qTEiOoIvvaQTL2TvZmBxODAcumN3Pc7KARalyPCJtwfOMBTdb4tV9LQsCv%2BShFkY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3e3b9619be9-FRA
expires
Wed, 08 Mar 2023 09:09:07 GMT
beacon.min.js
static.cloudflareinsights.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6edcd3e3dba05c4a-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3207
date
Fri, 18 Mar 2022 08:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 18 Mar 2022 10:15:40 GMT
s.js
nets4.com/cdn-cgi/zaraz/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTGV1dGhvbGRncm91cCUyMGRvbWFpbiUyMHN0YXRpc3RpY3MlMjAtJTIwTGV1dGhvbGRncm91cC5jb20lMjIlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRm5ldHM0LmNvbSUyRmRvbWFpbiUyRmxldXRob2xkZ3JvdXAuY29tJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTdE
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81da1c2333ea18b9649d21dd0dbb2a09141d43d18ef3e2eea1157f3e56d6277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/leutholdgroup.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://nets4.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYL2ElLk3zAauaHH5bfiTz35xba%2Ftfr0Bkxn1GrUwjRO7mSBNJSHT3zL%2Fz4SwlDVlSznTJ4LTGDycZpez9Tf7E6D25pOdI89O8gIg45cGfvuBbSw%2BkQLRlekvQxSYwAEehXeX8%2BZ1z8%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
600
access-control-allow-credentials
true
cf-ray
6edcd3e3a8d5902a-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
nets4.com/cdn-cgi/challenge-platform/h/b/scripts/ 		21 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef267d2861e7aec8e410a23c1c408384ef1b7fb92e6dc57689e507f05602f56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/leutholdgroup.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0Av1iykbbxymYSWw9och7OI%2B9r5e585EYS6%2Bhgwltom3Sf%2FJux%2BC3kG40gkRCuMloimMjnvr0vX5YNpp1QdaDXtj6dAQMvkfNzVdm1NamaAg9Ti9Vm%2BcEyeeYV9cB76lCuyfE41irw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6edcd3e3b8e8902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=133097340&t=pageview&_s=1&dl=https%3A%2F%2Fnets4.com%2Fdomain%2Fleutholdgroup.com&ul=en-us&de=UTF-8&dt=Leutholdgroup%20domain%20statistics%20-%20Leutholdgroup.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=322315675&gjid=634584674&cid=1625617818.1647594547&tid=UA-123511935-10&_gid=1496276409.1647594547&_r=1&_slc=1&z=2054402990
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nets4.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
6edcd3de49eb9229
nets4.com/cdn-cgi/challenge-platform/h/b/cv/result/ 		2 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/cv/result/6edcd3de49eb9229
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647594000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://nets4.com/domain/leutholdgroup.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6edcd3e66caa902a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4pIaAg5gjmyeGLSLTJ02OzyRO1BVAIkO2uHiV%2Bbl0FlpkdyHaxzgkwZNAzmPPZk1PnVm2exDpuQbsa0YVh5G88SE90lupiQsKXOmG4GRWV14921TwVBVwsT%2F2atBzLILMxx7nToSZM%3D"}],"group":"cf-nel","max_age":604800}
550j6zn5gn
www.clarity.ms/tag/ 		730 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/550j6zn5gn
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0c3ef0fe1d5c711af4c60a08deade283176a3d383c685e4738bc7ac836201658

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:07 GMT
x-powered-by
ASP.NET
x-azure-ref
0NEw0YgAAAAA8Q3NU+/PzTqQhZSYq+pQKVklFRURHRTA2MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
clarity.js
e.clarity.ms/s/0.6.32/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/550j6zn5gn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
content-encoding
br
etag
"1d839f818e84f90"
last-modified
Thu, 17 Mar 2022 12:11:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
/
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1647594548208
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
248566f7-c75e-449c-8b98-a2f461b96992
/
api.purpleads.io/x/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1647594548208
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
2e70456c6f699a33f5128bb0191244ed6c5cbda4fb99921eff54af51bf8816e4

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
etag
W/"1132-Ca+SQR9mZNm5mySTvHyNcLMz9Os"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
95871e6e-4c4f-4fc0-8edc-baf15a8a6494
agent.js
cdn.purpleads.io/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-40.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 09:36:56 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 09:36:51 GMT
server
AmazonS3
age
84733
etag
"6b17cf687f43a8f73178a58f89d7d60e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10487
x-amz-cf-id
VdXhY0AHs326f5-RjVXrdLq-cZeJRe9yznG4euZJxlrFAxc0Ntj4mQ==
sm.22.html
static.addtoany.com/menu/ Frame 00B4 		278 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.22.html
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
content-type
text/html; charset=utf-8
via
e3s
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified
Tue, 28 Sep 2021 21:02:23 GMT
etag
W/"116-5cd1487afaaea"
cache-control
max-age=315360000, immutable
vary
Accept-Encoding
cf-cache-status
HIT
age
2079576
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6edcd3eaeb1d8fd1-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1647594548228
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
2b64b2d5-8734-4884-9b56-2e9aea8fa234
init
api.purpleads.io/x/ 		68 B
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1647594548228
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
etag
W/"44-Pm5SJt3t2KI5gMvsRd3GV+dxT2U"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
content-length
68
x-request-id
4bb2e022-777e-4505-b609-4100860e93af
marker-icon.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-icon.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1539407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1470
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-5ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSa8rg50xoqGQVutNdNqCi9V%2FBVNputs0qTm7Ax1UJOo%2BUGE2NzDMyYk33jkcNWvBoa2UqlYFVe2KFzOvl7i%2FPzpd1QYGafF0ZiBW0L1dKJBok8J%2FdnKJz9cPF%2BbBdU6m8Qv6Vu8f0JQSYpi6XYIIirT"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3eaecc29be9-FRA
expires
Wed, 08 Mar 2023 09:09:08 GMT
2.png
a.tile.openstreetmap.org/3/1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/1/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"cb5643e63f3bc4f3e5c38d2017293c13"
age
33797
x-cache
HIT
x-cache-hits
102
content-length
8528
x-served-by
cache-hhn4032-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647594549.983673,VS0,VE0
date
Fri, 18 Mar 2022 09:09:08 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=329213, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 19:12:45 GMT
2.png
b.tile.openstreetmap.org/3/2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.tile.openstreetmap.org/3/2/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c7b1ee252c1accd2fea964a71de354de"
age
29465
x-cache
HIT
x-cache-hits
139
content-length
11092
x-served-by
cache-hhn4081-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647594549.985151,VS0,VE0
date
Fri, 18 Mar 2022 09:09:08 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=330176, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 20:41:00 GMT
3.png
b.tile.openstreetmap.org/3/1/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.tile.openstreetmap.org/3/1/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"bc52a0f704ebee39a8cb5a58715363ce"
age
120488
x-cache
HIT
x-cache-hits
91
content-length
3910
x-served-by
cache-hhn4081-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647594549.985203,VS0,VE0
date
Fri, 18 Mar 2022 09:09:08 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=314314, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sun, 20 Mar 2022 14:59:34 GMT
3.png
c.tile.openstreetmap.org/3/2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/2/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"7c25652ac6639939d717ee7de6a8d342"
age
34818
x-cache
HIT
x-cache-hits
162
content-length
5621
x-served-by
cache-hhn4083-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647594549.985151,VS0,VE0
date
Fri, 18 Mar 2022 09:09:08 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=334588, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 20:25:18 GMT
2.png
c.tile.openstreetmap.org/3/0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/0/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"a97b0ae3a1c931b59d9503c0fb773d21"
age
29687
x-cache
HIT
x-cache-hits
111
content-length
4699
x-served-by
cache-hhn4083-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647594549.985316,VS0,VE0
date
Fri, 18 Mar 2022 09:09:08 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=338513, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 22:56:14 GMT
2.png
c.tile.openstreetmap.org/3/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/3/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"9a69d3f3c4dff9f5588aaa850c1c6140"
age
117464
x-cache
HIT
x-cache-hits
351
content-length
4828
x-served-by
cache-hhn4083-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647594549.985392,VS0,VE0
date
Fri, 18 Mar 2022 09:09:08 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=314056, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sun, 20 Mar 2022 15:45:40 GMT
3.png
a.tile.openstreetmap.org/3/0/ 		249 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/0/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"07a14efdf923d78dad7320032b8d412c"
age
279492
x-cache
HIT
x-cache-hits
133
content-length
249
x-served-by
cache-hhn4032-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647594549.983758,VS0,VE0
date
Fri, 18 Mar 2022 09:09:08 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=168048, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Thu, 10 Mar 2022 02:25:44 GMT
3.png
a.tile.openstreetmap.org/3/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/3/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c947e22ac6e5f0475ad3445622a32d51"
age
121452
x-cache
HIT
x-cache-hits
1990
content-length
4834
x-served-by
cache-hhn4032-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647594549.983807,VS0,VE0
date
Fri, 18 Mar 2022 09:09:08 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=314802, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sun, 20 Mar 2022 14:51:39 GMT
marker-shadow.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 		618 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-shadow.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
736875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
622
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-26a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OGBvOqs8eUYGu%2BvSMzO9RA0rAZVjeZyzmltPzNUS3%2BpRoe29x12f2AI2DTd%2FgW4UqH90ZHlzhj78g8A5wg%2FXggJs3G6agV58VNaUCnc3SEQwo2N2p9fVL5qgLO9PSRcV97IwrrNBzpt6wVaLT3w4255"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6edcd3eafcec9be9-FRA
expires
Wed, 08 Mar 2023 09:09:08 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=5E11077EAE5A40309078BE55F0D67DB0&RedC=c.clarity.ms&MXFR=0CF84BD8BFB365EE2A8D5AB3BBB36BFB
  • https://c.clarity.ms/c.gif?CtsSyncId=5E11077EAE5A40309078BE55F0D67DB0&MUID=3D04E227B70E6A5F3268F34CB6656B63
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=5E11077EAE5A40309078BE55F0D67DB0&MUID=3D04E227B70E6A5F3268F34CB6656B63
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:08 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 37136FE57FD146A790ADDA9AA612E26E Ref B: FRAEDGE1420 Ref C: 2022-03-18T09:09:09Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=5E11077EAE5A40309078BE55F0D67DB0&MUID=3D04E227B70E6A5F3268F34CB6656B63
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
icons.29.svg.js
static.addtoany.com/menu/svg/ 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:08 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
4498822
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
6edcd3eb0b308fd1-FRA
cf-bgj
minify
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 		360 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 09:04:06 GMT
collect
e.clarity.ms/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:08 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
6edcd3eb4dbe9b67-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6edcd3eb6e189b67-FRA
vary
Origin
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=c77c154982a3492499261594a503ae56&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=317796a1-42e6-4ab0-ba35-1174c2654892&ts=1647594548449
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
f0772992-05bf-4279-a5b5-4b80d2abdda3
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=c77c154982a3492499261594a503ae56&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=94334c57-5e0c-4eb9-858b-30e319c513db&ts=1647594548450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
d4f88d10-da61-44c2-b09e-dfae234f385f
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=c77c154982a3492499261594a503ae56&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=65ee960a-9e0c-4d24-b975-162bb10a3928&ts=1647594548450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
bb56ed70-55a2-4d85-a07e-ba72742db51a
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=c77c154982a3492499261594a503ae56&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=317796a1-42e6-4ab0-ba35-1174c2654892&ts=1647594548449
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
bbad49236638c67256faf9b341ee7ed0d150e11d24e9c496c438d87755c45ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
etag
W/"229b-/vYALBRWFmmSqpQy9FN5t6H6gHI"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
617d4a38-bdc0-43b6-ba1c-79f5f6fc0334
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=c77c154982a3492499261594a503ae56&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=94334c57-5e0c-4eb9-858b-30e319c513db&ts=1647594548450
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
816bc5b5196f268f2093f622f642595508c04b4312f1d38d7d677424aa8fac22

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
etag
W/"229b-CEPEvvjlYUVrlg+WMj2Mp8GWmiU"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
4d3084ac-088a-42b3-8088-ee84f105ef40
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=c77c154982a3492499261594a503ae56&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=65ee960a-9e0c-4d24-b975-162bb10a3928&ts=1647594548450
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
87e95c861c07abe37dbb8ff42e41d81d919e37003888651c3ea4bcf61a480c8b

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
etag
W/"229b-+UqRkxdT7+D3rzout/K8e131cOk"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
09180da9-a3be-4dea-88ed-604d80e6c529
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=c77c154982a3492499261594a503ae56&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=5d19b8ae-aa1b-4913-ab1c-742e6d56b0cb&ts=1647594548451
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
a8ac36f491e7fe7a9a95e4f30387d2cf0dffc39d1febe26a5e74af2883667093

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
etag
W/"229b-4aQ6M7Vy78u3E4uR4umZLbollx0"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
91e22771-9c9e-4395-b99e-b3d0d37bf891
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=c77c154982a3492499261594a503ae56&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=594bb06b-5002-4868-9aa9-117eb77eb864&ts=1647594548451
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
bb3c7c5fe6b6e262b206477a7030f9d11bf153b2e6fad533230d4db8db83c7f1

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
etag
W/"228a-FtYAmPiKIBE2bBcqT4FfwshEETA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
a5309cd5-1e01-4e3c-8bf7-5d1235acdac0
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=c77c154982a3492499261594a503ae56&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=5d19b8ae-aa1b-4913-ab1c-742e6d56b0cb&ts=1647594548451
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
609c0889-03e7-4c6a-a331-2aaabae10754
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=c77c154982a3492499261594a503ae56&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=594bb06b-5002-4868-9aa9-117eb77eb864&ts=1647594548451
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
fc7d51dc-5fd4-4a6f-97bb-8f803186de09
collect
e.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:08 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
anchor
www.google.com/recaptcha/api2/ Frame A64A 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=7uoh12355bsa
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3e3ee3ead980028ec5429ba6312f4a3381ec3880c13c12c624a391583fed639
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YQfSaL8g7YBqSXFBtoYx5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 Mar 2022 09:09:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-YQfSaL8g7YBqSXFBtoYx5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22791
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame A64A 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=7uoh12355bsa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 16:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 16:09:01 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame A64A 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=7uoh12355bsa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 09:04:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BC4A 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e41854e6ee29797f26b5ae261cebad41f4e92c4e6bdd6dd46efb101ab9e52029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27851
x-xss-protection
0
server
sffe
etag
"1161 / 214 of 1000 / last-modified: 1647554768"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:09:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C322 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 518 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:09:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D4CD 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 572 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:09:09 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame A64A 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=7uoh12355bsa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=7uoh12355bsa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 18 Mar 2022 09:09:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FDA7 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 639 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:09:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 290E 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27856
x-xss-protection
0
server
sffe
etag
"1161 / 68 of 1000 / last-modified: 1647554712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:09:09 GMT
bframe
www.google.com/recaptcha/api2/ Frame 6837 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8bdbf097261a220717b31f7f5a76400527104d112829ce5fefccaa39e65c96f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H39otffwPGZ3mmJl13RuGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 Mar 2022 09:09:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-H39otffwPGZ3mmJl13RuGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2022031501.js
securepubads.g.doubleclick.net/gpt/ Frame BC4A 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 14:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126660
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 08:35:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 14:23:15 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame C322 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 08:53:47 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame D4CD 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 08:53:47 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 6837 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 16:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 16:09:01 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 6837 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 09:04:06 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame FDA7 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 08:53:47 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 290E 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 08:53:47 GMT
integrator.js
adservice.google.de/adsid/ Frame BC4A 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BC4A 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BC4A 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=879657133458274&correlator=3774352188731641&eid=31065690%2C31065653&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220318&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647594549327&dlt=1647594548871&idt=430&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=2262&oid=2&ucis=4uyp1s3blthm&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fleutholdgroup.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1625617818.1647594547&ga_sid=1647594549&ga_hid=1190922438&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3626db4fcda9cc54e6114f1b4478d3fca78b7ca4c16d97bf98f9ba4f1556cb37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BC4A 		13 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42f9b15e047a8b059580f2d0566892b8e0dcb3fc81e14a7f0312f7ee94106a8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10459
x-xss-protection
0
container.html
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 74D5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:09:10 GMT
expires
Sat, 18 Mar 2023 09:09:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame C322 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C322 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C322 		50 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1453899319088291&correlator=3330246546764442&eid=31063377%2C31065486%2C31063246&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220318&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647594549372&dlt=1647594548904&idt=445&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=555&oid=2&ucis=v1nd70e1ea36&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fleutholdgroup.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1625617818.1647594547&ga_sid=1647594549&ga_hid=712177076&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
50d82309721fcb73a52d47765a010a6dffe95ecaac7e6d1546449c8937f08537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12110
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C322 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb507cc4b6793cd0049a4a75862408b554fa3fd54d0425f2376baba3c0a4b34b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10689
x-xss-protection
0
container.html
15ed41447392c39526012ebb33067d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0008 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://15ed41447392c39526012ebb33067d08.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:09:10 GMT
expires
Sat, 18 Mar 2023 09:09:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame D4CD 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D4CD 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D4CD 		57 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3180398423031205&correlator=1005049008550240&eid=31064151%2C31064927%2C31065728%2C31065516%2C31064018&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220318&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647594549393&dlt=1647594548914&idt=471&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=1422&oid=2&ucis=dfatkh7x82xk&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fleutholdgroup.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1625617818.1647594547&ga_sid=1647594549&ga_hid=719107726&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
31ec284ba9c15929e75620b4ce2a89e0f8dd7142b41cd5f009f99180a8c5b4a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12705
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D4CD 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3c260b6e1c3320e731865f4a874e4491d315f748993f62ed0e6215bb35c4b93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10618
x-xss-protection
0
container.html
023fc26b6b9537d4ef1bc238cfed3b19.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9352 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://023fc26b6b9537d4ef1bc238cfed3b19.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:09:10 GMT
expires
Sat, 18 Mar 2023 09:09:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame FDA7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FDA7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FDA7 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2785580687016835&correlator=2108467015259567&eid=21068766%2C31063247%2C31065515&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=113378651&sfv=1-0-38&ecs=20220318&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647594549419&dlt=1647594549026&idt=381&biw=1600&bih=1200&isw=160&ish=600&adxs=1148&adys=1298&oid=2&ucis=gh2awhbuw35&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fleutholdgroup.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=1625617818.1647594547&ga_sid=1647594549&ga_hid=723790094&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2efd0b334753cf8ac29e704ac6f0348889c5712e5e13cb1f3512beca74144192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8816
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FDA7 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08e802fee197353ea994dcb1bcfa7ae5cea9af5e26a016242519bfc916fbc1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10660
x-xss-protection
0
container.html
f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 879B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:09:10 GMT
expires
Sat, 18 Mar 2023 09:09:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 290E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 290E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 290E 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=964791577107972&correlator=4078938276236602&eid=31065613%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220318&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647594549448&dlt=1647594549034&idt=405&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=4344&oid=2&ucis=gc53sc8fiyyk&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fleutholdgroup.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1625617818.1647594547&ga_sid=1647594549&ga_hid=2144310480&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e5c4440c8d0e50dd5bf59c92f7af7bff9eb4ea7b6fe3928ee897b9df9ce417de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8919
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 290E 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d228cd81a33f49925eedeed3f06d1ff8b569cdf23bc6eccfbcbbe12b15836f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10537
x-xss-protection
0
container.html
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B41 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:09:10 GMT
expires
Sat, 18 Mar 2023 09:09:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BC4A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D4CD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C322 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FDA7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 290E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 86CB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:06:19 GMT
expires
Sat, 18 Mar 2023 09:06:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7DE4 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b00cb9dac6485757ea30fc6b748f048a7fc71c6aeda1d497782dc765506015e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-05S7eWv5yRA5YDElMTqHeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:09:10 GMT
date
Fri, 18 Mar 2022 09:09:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-05S7eWv5yRA5YDElMTqHeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6564 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:06:19 GMT
expires
Sat, 18 Mar 2023 09:06:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4C8E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6950f718b8dea80e14c519f4fb6c59a40612ba9231c0838ce0006cd5e157ce67
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NDiIbLQHUqJBudgR+Xb99A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:09:10 GMT
date
Fri, 18 Mar 2022 09:09:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-NDiIbLQHUqJBudgR+Xb99A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8AB0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:06:19 GMT
expires
Sat, 18 Mar 2023 09:06:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8DD1 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
168176f3bb78366b5163c6eea8e650e326b5c3590c9b7f9663328e7777a62cd1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DlpG2ipl7nNlqABKn3DiqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:09:10 GMT
date
Fri, 18 Mar 2022 09:09:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-DlpG2ipl7nNlqABKn3DiqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 615F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:06:19 GMT
expires
Sat, 18 Mar 2023 09:06:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1831 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
32c82a3f1b3f761e635c2a521fc1f9c44fc1eccd73ee7ac07abe2a9cd073615c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GcKm+06ByGOYwUtJb/HCFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:09:10 GMT
date
Fri, 18 Mar 2022 09:09:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-GcKm+06ByGOYwUtJb/HCFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 16E9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:06:19 GMT
expires
Sat, 18 Mar 2023 09:06:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3633 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
216230c70329b6e662531a3a8a1280bd3e996de156a70f3f805f4a9841d5e57c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LOSoMrUuGGDWeA4HrBuJbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:09:10 GMT
date
Fri, 18 Mar 2022 09:09:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LOSoMrUuGGDWeA4HrBuJbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 7DE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031501&jk=879657133458274&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C8E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=964791577107972&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
container.html
f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 47A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:09:10 GMT
expires
Sat, 18 Mar 2023 09:09:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/0ef29065205b54918ec78eee778372aa:e6f8dc558a1f2b74c73ea9cd4940facc88cd7259caf044bde86222f1dac7f11e8a0e861189d3ed42378426f5d7dd7b76de9a0bef185fe687634d69a648e7d4eca501824f632a2c4... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/0ef29065205b54918ec78eee778372aa:e6f8dc558a1f2b74c73ea9cd4940facc88cd7259caf044bde86222f1dac7f11e8a0e861189d3ed42378426f5d7dd7b76de9a0bef185fe687634d69a648e7d4eca501824f632a2c44a5ba7e317e24616998a771231d88e8d18d438bb742c2474cfad308fa87bdc250491f55f3468e62abcc370a0b182ceb65c5a1a50a60fff368564acd60fcf8c54408e2920c63b20ce1/i?id=a5309cd5-1e01-4e3c-8bf7-5d1235acdac0&ts=1647594549771
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
21bc895e-fe87-438e-b7f9-aaf7df6d50bd
i
api.purpleads.io/x/a/0ef29065205b54918ec78eee778372aa:e6f8dc558a1f2b74c73ea9cd4940facc88cd7259caf044bde86222f1dac7f11e8a0e861189d3ed42378426f5d7dd7b76de9a0bef185fe687634d69a648e7d4eca501824f632a2c4... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/0ef29065205b54918ec78eee778372aa:e6f8dc558a1f2b74c73ea9cd4940facc88cd7259caf044bde86222f1dac7f11e8a0e861189d3ed42378426f5d7dd7b76de9a0bef185fe687634d69a648e7d4eca501824f632a2c44a5ba7e317e24616998a771231d88e8d18d438bb742c2474cfad308fa87bdc250491f55f3468e62abcc370a0b182ceb65c5a1a50a60fff368564acd60fcf8c54408e2920c63b20ce1/i?id=a5309cd5-1e01-4e3c-8bf7-5d1235acdac0&ts=1647594549771
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
28d940b7-276b-4f33-9e64-1062cb81abbe
container.html
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 44B9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:09:10 GMT
expires
Sat, 18 Mar 2023 09:09:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/6fa685e0e470830582b13d0a166a2db0:7f1590f0b4205b07d4de50d7c95144205da29baa8ab1de33603d322230c049a42d85912eb396bb37b4a32f31b045c6e476e5e888caabf4a979d885479924d71df8a5d1afdc5940b... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/6fa685e0e470830582b13d0a166a2db0:7f1590f0b4205b07d4de50d7c95144205da29baa8ab1de33603d322230c049a42d85912eb396bb37b4a32f31b045c6e476e5e888caabf4a979d885479924d71df8a5d1afdc5940b5bdb2ba39dc8386eaec70d33c6a4db053bd2c64d1a6b499fbc616a56394e5926d5889dd03e1c579905714690cc2de21f8e2c6fd68da5be7526da25daf18fd1fed7db441413a55e456/i?id=91e22771-9c9e-4395-b99e-b3d0d37bf891&ts=1647594549799
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
c57dd698-b879-4f01-ac62-167a794a0509
i
api.purpleads.io/x/a/6fa685e0e470830582b13d0a166a2db0:7f1590f0b4205b07d4de50d7c95144205da29baa8ab1de33603d322230c049a42d85912eb396bb37b4a32f31b045c6e476e5e888caabf4a979d885479924d71df8a5d1afdc5940b... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/6fa685e0e470830582b13d0a166a2db0:7f1590f0b4205b07d4de50d7c95144205da29baa8ab1de33603d322230c049a42d85912eb396bb37b4a32f31b045c6e476e5e888caabf4a979d885479924d71df8a5d1afdc5940b5bdb2ba39dc8386eaec70d33c6a4db053bd2c64d1a6b499fbc616a56394e5926d5889dd03e1c579905714690cc2de21f8e2c6fd68da5be7526da25daf18fd1fed7db441413a55e456/i?id=91e22771-9c9e-4395-b99e-b3d0d37bf891&ts=1647594549799
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
5b9a7084-4f13-4157-8d72-c46eb53581b4
container.html
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DFA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:09:10 GMT
expires
Sat, 18 Mar 2023 09:09:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/7de8a76e1ed16dc8f3eeffd9298e04d7:bf189322ffef9d21ff73c8096c63649f385e22c67e8e39209fffb9ca38b5223c9f952cd84fe5e990bc5f2d7de0f8887f16181138c4fc3d9cac9be1206cf0c85fa6c6ca8e5beb061... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/7de8a76e1ed16dc8f3eeffd9298e04d7:bf189322ffef9d21ff73c8096c63649f385e22c67e8e39209fffb9ca38b5223c9f952cd84fe5e990bc5f2d7de0f8887f16181138c4fc3d9cac9be1206cf0c85fa6c6ca8e5beb06135ad41d85f3e5e3fca6a5bc07019d380d7e9d66305d1741aff5ddc3b18d50284cfb659c54cef2b4f984b0151af1c10e6e36e6f18c32f07ce7d18d3c75df6da40e4b1bb43dafba6d85/i?id=09180da9-a3be-4dea-88ed-604d80e6c529&ts=1647594549818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
3984b71f-104c-43e6-801b-b25a789f2610
i
api.purpleads.io/x/a/7de8a76e1ed16dc8f3eeffd9298e04d7:bf189322ffef9d21ff73c8096c63649f385e22c67e8e39209fffb9ca38b5223c9f952cd84fe5e990bc5f2d7de0f8887f16181138c4fc3d9cac9be1206cf0c85fa6c6ca8e5beb061... 		0
198 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/7de8a76e1ed16dc8f3eeffd9298e04d7:bf189322ffef9d21ff73c8096c63649f385e22c67e8e39209fffb9ca38b5223c9f952cd84fe5e990bc5f2d7de0f8887f16181138c4fc3d9cac9be1206cf0c85fa6c6ca8e5beb06135ad41d85f3e5e3fca6a5bc07019d380d7e9d66305d1741aff5ddc3b18d50284cfb659c54cef2b4f984b0151af1c10e6e36e6f18c32f07ce7d18d3c75df6da40e4b1bb43dafba6d85/i?id=09180da9-a3be-4dea-88ed-604d80e6c529&ts=1647594549818
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
bb5d2b47-ffce-43cf-ad11-ea226c422c70
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202142035000/ Frame 127A 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61563
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"74cdf3878bfbef53"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 127A 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5733
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42a91727bcc93df1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 127A 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29577
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42f1ed997a28c2a2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 127A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1873
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e63b195883091b5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 127A 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13633
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c67c66f710e82a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
css
fonts.googleapis.com/ Frame 127A 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 07:50:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:09:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:09:10 GMT
i
api.purpleads.io/x/a/28b39ae9d771bc30a9ad1380575a6db7:062c7192a0a2a61fef9904bf5d4d86305a7056e215ae5e925d75c27ebd4e0fc2ab530b0ab703a4f4216105543de02958310a6679c9e47a49484267197964cdae9550aa821dc58dc... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/28b39ae9d771bc30a9ad1380575a6db7:062c7192a0a2a61fef9904bf5d4d86305a7056e215ae5e925d75c27ebd4e0fc2ab530b0ab703a4f4216105543de02958310a6679c9e47a49484267197964cdae9550aa821dc58dcfd62b1517deab18945db38a8e38f9c01984f429a25f713077c848c58dde6a7b331bbf4e6225286e0c0db1f17251a0ed269e21d0ed59f17bcc6f209c37748e81ff768819c0df83089e/i?id=4d3084ac-088a-42b3-8088-ee84f105ef40&ts=1647594549841
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
7ddaeed9-6d05-4292-99c5-758c1592c8dc
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 127A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
50962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 127A 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
12336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 19 Mar 2022 05:43:34 GMT
ai.aspx
m.exactag.com/ Frame 127A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=zattoo-gaw&extLi=12985999821&rnd=3091636554
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Fr, 18 Mrz 2022 09:09:10 GMT
Server
Microsoft-IIS/8.5
Date
Fri, 18 Mar 2022 09:09:09 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://nets4.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1815
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 127A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMFtkNkw0Yp-3B8T2gAe1gaDgDt336Ldo0ev5r9oP2bqs644OEAEgudvzJmCV4pCCoAegAY24josDyAEJqQJW9pg9auuxPuACAKgDAcgDCqoE7gFP0FA5AoFkjvwruPcl2Ak7IGgJ9dn2q7mN5rKf2JZOIlPr2CwdXNtz29BlSuZPscAm0j0XWwetrbcEc8yhImmCDGqys_tO173LXJQ1-j-wiRlJLRZCrfCzdCMfFWaiRy47oz2VJ2Ytu-d89FCv51VjWIeuqUzmla9pVys2AnwUEJBc6JaOYALPmu7ymFbFLeLNuqgMKjfVKVvfZVXQsLUb-z830HZj0civhrteB1-hUKkZtK3kUB9Gu-OQGdKKigJl0JwdPpIrjufg9lWFVRoApDx4kDTEifihwVQwYq7aoEfLtTCm_fT_YXz2XO7dwAT496DExwPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_ZqXMKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM_RBNIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA8gLAbgTiCfYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDkwMzQ1Mzk3NDc0NTUzMBiLuXc&sigh=Qd9EVrsls9o&uach_m=[UACH]&template_id=5000
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
i
api.purpleads.io/x/a/28b39ae9d771bc30a9ad1380575a6db7:062c7192a0a2a61fef9904bf5d4d86305a7056e215ae5e925d75c27ebd4e0fc2ab530b0ab703a4f4216105543de02958310a6679c9e47a49484267197964cdae9550aa821dc58dc... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/28b39ae9d771bc30a9ad1380575a6db7:062c7192a0a2a61fef9904bf5d4d86305a7056e215ae5e925d75c27ebd4e0fc2ab530b0ab703a4f4216105543de02958310a6679c9e47a49484267197964cdae9550aa821dc58dcfd62b1517deab18945db38a8e38f9c01984f429a25f713077c848c58dde6a7b331bbf4e6225286e0c0db1f17251a0ed269e21d0ed59f17bcc6f209c37748e81ff768819c0df83089e/i?id=4d3084ac-088a-42b3-8088-ee84f105ef40&ts=1647594549841
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
4d1be8c3-563b-491c-b876-aa27cf40fe2b
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=3180398423031205&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1831 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=2785580687016835&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3633 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=1453899319088291&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 86CB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 6564 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 615F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 16E9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 8AB0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E603 		624 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNXJdhyvCWq5I-2Xqkj78OhAmD223UlKPRMzNnF1EFXsNAUQRppoMBclsxkkrlO5nL3gt9CA4SR5z5fNE48zd9GCWy0IZ914KZPf7V4LBSCw1X3cMl0CbFZkwTfhEPNrcSpaclRRoBTrvOAhp8HAhl2cOQnk9QV2RJ1x6o3DAzKlTRJVcbg
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 18 Mar 2022 09:09:10 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Mar 2022 09:09:10 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 47A8 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBrhiuP3pUcmTH58kQzQ5fQx-IF2V6nAtKge-Ex598TdZv27q8Wpo-A-hKLKlIEFQTqielCYoSMP-hkcdAQBcBIB1E3WAXcbaA-nLos-10v0e55DW0WtwOq6Jf4ItVNfxW5kTT5KzmqQWI8MBIUNwrcgwklw&cry=1&dbm_d=AKAmf-DVO1GhsaO-mtSmrIIRLWYZqJJ0-8UBlwcmaIrAY7hW68uRa4i44cILIilbvS89VG5wuvUcaQErh9GQBgAx83RXUsn3Mpxm2ppGQHgJ0XZKN4CsYCPAcfbjHCa3ExxvipAK_V06S3AE-6t7wrplg8RMgFqwFSvajsTZ8nUQOrpUmhciuziw17RkIJnA6Snrm0-v1q5jz5yBOMEhoUJyU8CXzSFAznjfLy5lMM--l8Hfi7yVMzIyUdMDMkMbQGVRzOgAul7o9DtavW0lm-mdgpwF7JVLTeEx2qaXo-CNdFQwpWFrJ9Alq6Ugrs0z-T3yG5YwSzQqGsaTOBusZGq6pIhvzLqXfrb4fq037PK9EIdYnL7dglvejFH2UQxGQmEj7SqhYToQgcoAtru1JLFRoXw5aQoHliRfBBoGjBC4kpvmoMBTdQbYBKdbNqEHRaqhSvRXRgCKR_jXukrXgP2JBs6_6dFpJ1VlDVH2yQTFzsr6U-uEukS5gDyLYzJYDKpMKQXaImPtuwp52tSnoQNoolWmoH2bez_YrkUx77wgPA1r2AI6ohffWveytZ4d5gvJ2u24c7_wm0R6V4cZMvA7zVed9C3L7DRJPnmVrmsddcuakJ8qwcL3TMfrKEvXMqq4VZLtkKA3iSJAs0nuSzpflXEti0bKrDl-XP-JWB7HZtG8AdX9pLUqA6eAZtfWT696TXEl6juWRqCGTfqT1mEDuaGeugPowPAQity6w6kb_Gc54J3-wjFkAxYLKGELSjmAzZ-hQRZxkLRwAM0uhu57qHyC2tE3k_aAaSea1ZGOkOb673HP5sD8Dj7uz_FwosGh4DMucFpXIF61ap1_0KDzRk2h5pC0aOdJ9v1ZOB7glBolrxZW-HFrlfUPQolMRVBAS1xksnKCnMkC53LhWyd9nKI48CnF5477V_-4QXQGwF418GEQ5HR5HmGiAN0oxXL4BOFQ-4Z-thKCmYLLTEuzWMHJ0JMJwCuKToyuobZPSNy9VDEYerGgnn1qR5ynfLep5_SwuJWd63UTJhLOdTRKd4xUf4oh_3G_plWzu459irYLcOGF6Rd5UG4mckY1LDoWyyV_M_hqhdJTMtLgahX3FjTjMAJWFWRmhDcun3VDq4pqE39hpg7Bky-3F1TUXe4rqWwnVaw9ypVSuvzjeYO_0c1WhhIFOSQwvFffExXCnuF-fnvX9tF9a-XJqO9F2MhoqSDFFPW6AXQJX16jvy_evyUq-pVjOr0R9gmb6MXYmA2chbcwuaxI_5lVMgnbqbXQjyGTBVJTpAy9_RD_lAnknfpX4iCiNV2AwBrXBBAa31QzwDjRaGp7vAH3HiCUuKYH5j7Xhygh9XJOfCe61DNCtPAGrFrpCr9AaFhB4JIE-SS9Vn2BJDYo8th3oiCnAsceaibErN-80yzgIz8-yyLg9o0tlLUOe6vk31bXoR5VRfAp2LG5BNjhBCNO3D3g431PV3buHfMoVJcU4tjNmjSL4CzR6fBoCxoKHUw590e5hHHQT5HMB4HIt1wi4Azv1GKBaP_pz5FmiEiwOKKYvbfdEwRwopAG2zUVlrItitM-mrvXXHGMDtc7U2i9TMVlbNy_tmueg_kVOe6LabP1H-2OFzIuDPNaDoAVSsP0fzP-J4Gs-OSz7ozoO57xFf6yearva1Pcq2mhkpZwtwggfRa0a_emMqWVX91vpFhFVCNLg5kIVMgUGCTyvwTf93BD8A6hmw4FKFq8LLXp2r1_72SRgWBW_WtCHP4nlP4TZwASKoZrBRO10iTuEidB9Gxuq2F0sftB6L8GVwgOSC00ozoJ0MMx09mdAKEH4M27kFeY5df23YTqKFRn0Bp0UXWA8qr6DjwJ_RyGpXl7mEB1i42loeTDbfd2JWMLFkud6DQuWSZxvzf1hQJqXxewBACIQwWvPRlJ6EeDN2Z8OrDkyz_hkpDdP2bAxm5wh3XSAOwi6hg8oBao6AxWNW8U6qV4aduc-rozzJJYKyqtR5KYjfe-eJ5MA0PxxomT4OieYyap3VxhJzC3VdyQl3Hog-WW00NuqZzd6ap4LBbqlTAMZqr96_vEhaDDxsqIwLkGK_kQx6pU56IiG5O_U67efF5A4OLa58mpebG9k6e5DkMIsWZENq3xDcbAfIFwa66qTVUMDROezK2s1ssBXOZ3YNzSf8H7xqcBciDcP626OFvcOIO9_2CYzNl0-FC9129TE26H01_rGkCMZ6wBALE2tj2dZf33DhjNpGa4pIgXgDifsb58eARJ4NXMp-zu0dYawtFThEQmWZhKGJUCmqeqAxoel7r-FTzSN4N_wfiZ92k2YwKg7plUGLPvd7mlVxzZkpDYOrEAOblTwFtWNV5LNffFqRr0Bry-cp702RfUxsh37Ct-Y_8phlpAGpBKpAJIZPCmK3j4X54bO2_SNTLe7QmAG19zIhds6a4_vl-JOP1VLNH-DG7Eotbo2MsyA7NXqaztkkUAYpa6Ear11fPLYsD_sC23_ybNPHBcOpKYpbTcqL8tPPYzxOEIQ4uVgcZnqBE0irAKFn8E2CjlfvO3exjx5spUPJ3WLEnpfCY7WzE6O7hFdaR0S4SDSrdZ0TEWAYcRSutVnpHq5130NXzyYhOQ7A3WsU04F5fiwR0ehNsIhdJFOvwhomji8jfKttvAjTQHhRaO-jikGxlzz8FANemjgHYaIlNWIMtrSwT5Wlammy5rjsQMIwunioOwiJ0SVV0jNqvUBzAv8mzwma3yLuy9Wc82K6knLhdy_cRauMnhwnQsKF5Xc8bwByDrSc0IeNrh6ufWG8sjyvTAzWyIeC4xLietXfsGHuAXd_dwZf-HtsmLSsOrXx2H-a343-U8czphva3znAxsP_NFQRanDvVrSP3K8fPuoWo-Xmt8KcshnX3v28-ODnUYulIyqdrZLnjcrbklBjRs-Leel8QNBa8y-P5vE8YaGrU3RpEEjYdtVHKMWZYYsu3fEvaK0aA3O12dC9p3fnQyaaP5Z1zlGPYaJRLTEhGnM-WnBC6jzgCws94yBj8RI1cmAcpJ-S6rHWvpmq8Y3m20wtMqp6IEtZtHe0q7dWew_E2MtIyl0Pha_eKSlhu9GqDDWjS6eaITtcCFIeJqoZOmHEYts3u5dEKE1BetvRgy0jGb--AH3Hlnwd0qIPyQymVlWBnJM_hIR5qpfc2Brd7kOn8qdwPw-2eTGK990S0X3AbdJJUZiMwtp6hPOyxxgIlhf4bFDhKTxut0EPa90pFot3vOateJ0uNjKyZ_9gV5Ay-e&cid=CAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6db6b89b6e1b0e76270ade7747e4ad64080b23a00407c4d4cd1806a5ec11d833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16212
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 47A8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aj0pxp3ZwqGp8R1yoN1zYrMdiPVtXGYeDq3i2c0O8E9J4KcNRi1YmfYUCK80BDNKl7UKpwi1DpypVqzZLAhxM-Lw5Jpqk7MYKW8_QeWEwDJ-l4cNk
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 47A8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:59:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 47A8 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 09:04:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 47A8 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AD74 		624 B
976 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhj376nFATAB&v=APEucNUogv_0-A6p2e2tQedTNd6V-DPbcVP_Znh0_BbjrU6FINxNcPff2p9hLtdtitWYjFxypns_gGIoOdfXGNiU0S0DEMydCDkKwIRvZkdUMpKkhKDLjxDxbjrEoUjzTR0Irt8i9QQ-eeIUid9IkYv0e0YwLR1pcUU3nmUWQ1XibW6LI3IkmLA
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 18 Mar 2022 09:09:10 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Mar 2022 09:09:10 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4DFA 		26 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMSsKdDtwi7ATSUAwVDTv6_jOns2S_Xsc81aSbfPmWLoDzX6daVrdZMqPhv98wnTPYT1WikwoFLY3AZTD3JZYqDyQ_G0S89T9NhR1Xm3hbd9CJJjFVLkhfKl6vj03vz3F2SUXqKSnd8Q2ryioO391ttPGkmw&cry=1&dbm_d=AKAmf-Cs9zkDpZeI6I3fDfcQV_Wh9ETNKMHkDnTRHNDX083O44tZBYhJ0YndSZ7q1FUjznDjccM9xN-VIgtew-LKefc_b9_kOiB9xV1-Pyg7H25Vjg4gw8Ga9Vv5ymCkc-2O2qnGJ82K9d3sKu7FMVRicUcW3t_88wwiVWTBEg3oeVTwJkuJpa-F9Nh_tP6mbXMH4QCyM_vI1qg0VYLay1bcots-XUXxKP4yzM5tIFTSqbwN__isIHygt_4q7NlzJiF3kooIYtW1D1qsqKTUeuEcxh7oS-rz2P2YjvKlWuR0A56w9MwSDHZMPeEQBslJ9u0jqmkHYikQgz7cZJICIvLwbfNu1j4avs0NIQb9NEq6OyzTSeTGOl-bmGPMPLC_tp4i8mkYQoeYKLGGRlw4PH-2U4zINJvzqZRMkEECg2DIWGnzTX40h5vm7DR_vfHWaNv5pjN3HMDxw31IUVPwC7zwOh7tFJJdCN12IIqlny3-VhB3dy_PlIcHAhfrARtTxJN7UUDahNj3fQem9fpetgL2yE2gHQnwc9HqraxXNYBwQ-0LjW-eKUCepv_9eds2KqhVMTqqJToyinYYLVWstSWXvQ-y8gr4TcPKVWBKD0g5gAvAkjAs6XC1cQ6xWmlnwODqQfq5KOx3zmTXArnnPm0RNODpCwuPXlbEAztILbSMv4XskR2H13jhir4atR7oolhsRGTbQpWTGUobyBfIp5k_8VgTGRYrWzgxikeeqgknGN8He26Oge1WDkBOkvRlnrLArnI2XruFI6lraPY0BqzK6IToBAA3tmwBJPtgDaYdSKu4vI5UwnaWDFHQ-5SxEE6VUrZcpkVJoS2J9ufwS181TQIriBtPkg00X-oPXoLh2W5mWrCoLSa4mtBqU7IZ4m6osKj_9yLhs24wwyfI5DMTNjlP-oa8Ta-kl91ksi0kUDkwIyKzCQFLyIka4jcfcByGSeQ-_oWsDwX1OIhbdhBqAoYPMb7W7xh_qenZgDetMeYonz4OmVQPFuifcNKGF0tOImhKlVBZtVSqfRqrES2TaOXQz19XVf0hE9a-HxVOmZGpTAbBjC-0j6Lnt6shJjZ7F8BaTbROAQMY98WH9YYFGeMewD7ppECwdA79D0fj9PJSDnyl4hnC4WyLoAQsR9rNe6zWa2MqzVuT1ThVtd1tU-Y_7ldrSBSbgPA8pj8Q2Akm698cW2gI4Fp2k0_GYWt-SvO2FYjs9lz_O_Sdka1HENAS7GipGF-xf_SPaIJn9UYujgwmWGEyz44Z_mpTjJ7pJIitxJVjFrhmyJ-t1bqBnrV9lXulDTHoNgZeQx-STv4aAWiPASQsMw8UobTnU1tHufwaIYTEcvrQFXZo-TV3IqWKyovjsMu3bHwgD54NdNmKIgv8MsqySSATdNZcsWUvRmLfCbHRYpF0vy73Z-WhB90urYWC4q10SdC33JWTQcvHWsvjqCc9wp9DNtbPSrq9kvRhdl7dS5i_9tcZyAvU5gYVP0ExzqxbdhFTOur2oslwa7-r0DEr8Dr1Z7HeOnMqpYmqmqFvLO8Nefd1qpAMFVdGpDUkMoKrVnSA4ECWjuaPXeZveNMDmZ3zYWtcONP6hu0juhU8BDTJxoj5AWAXhdUE4I8nArGWrt3_29rOLC19WcnECpwVLNEgybQd_v9YXufppS7af7UIHb8ehr1XgYtnariOwgKCyYraPWNGT8ODCpCxMHCvG6Lq2-umPbkOS3TG9qywVyE8sQOyUL9raDIJsxHEU6-yJsOwZF29Xnl8t66gHkzARcuGp432oAe_teCQ50GAlT9pPUkQlTs_eTm_Q0U3R9ZZib_JyrcyF-e80z5lrsaJtnnUpgnWRqHXIvcm7MP54bkp0X3Tp-VEE-GCojttiD4tIZ496pn2lBk6r3ZcdZmNNH1z_6ozIg7TkTExKsHirXjwQxKO42TYeRJIHYBQ1GW6DgSToWloUzrasgqswkmEd1lT6uOgZlUli8FnPQESGSHzTkGJcidtjw1dF0DGmwUOe5iHlXv2tf6qbtDkJ1vqiLPNuSdhxbcCqWsosFAaGGB8W0fvoP6fkCS7yHKmp6lnmUrs1-nux9tpRgpa7mmDleX0rPaJ0c-84ZA52CWfSY81QOmS8p4cpiS-nykEqOzUAGdoU3AOScQmGc7hS6rcAODg0_tWefbhJmiSdaMGxwJh8SIr0gVbVP1yea6b7He6gDBNg0MPeNozGk0YjnSN7xaXoA3JA9QrAvR9aUGsXPAsgjTrdZX2eGi3ci8BWJVNDm17Vf4oIdCJApWII2ra-pT6BVPBGlwyYKvd1oP90I5zKc4tyk1UtqvOC6qsQ_OTIpPFvIAyHJNTZ-9l7AS7hAX5pjK6tV7lhIQYDPf0kCKynXGdkOS_UCBUi5AgNjvncquHR88iulFP9LzyJdhoqRh_UiOFMv8Z47CAtxy2TyFMvq11l8I3C3qKXL5cz5a-9fcOtqxgMQmfEtD5uLNW4aNrDGaRVH2hjRealfAvl-xKMB7MpzxyQm0xDVrmvEbaEc5GJ9rDPyAGKK0j-CE13i6ZOVlj74eMkQoa--O1mWH-vTtm7d1piMkfrp_4U9I7fa_Il1XMEYUa-IEUdCdp-DOqnoiIHsYNMz8oZI4uqnxq82c2MEiZPwTaMSvI8AlxYHzSxnfjVGwEFf_jnCgj0hHr5U1I1ZjdeUrzBHqOvHfdtPSpYF2W0oI3ueZsffLaeDja_4bYOHlY-5CPrAYrhf6PWyUvsE9rkDx88ibC87TydZHhMq_FMWLUzReV5OWPPDPywgBRu9bn1MKNUqBfABpk3vs8ca7OPKsgSus6OEvM-Z9G346Z826PGJ4UWnLKkyUdW_1iTy1dszrOMYI2bs4jXYwbaeyi6z6X7hL82HLah_C2o-jBfXZ-fN34Gmnc_wKRpunb9FykmG_-YLP4zym4Ot6Y1VB72SZ2hu7meHBR913M6dDDQBUQZZ-STMlB71BWzu6r8zxhM1vJFVvv5faeZaWXdb9eKlwZM3AgMK_9tSU96mXaa6Gf1iaoW-7flzWIQlGruWulYbuTBzhIr_dyelQna9cTYUJxFBLnSYM0SZ4csNg0L3gS3JwitHV6pepEzwLqZ_Ie78DtFECiARI_fV4F6Lvd-QPyLn1XDJSE-ggSrGyl_XldLgKmrEjOKrwV6DyfnUJnk5DlH6TyXOD9L4FKARVb5lUVbA0xfF0xWkDlvQSwK7nZD3i4LRHMsXk4Plrhw9nYr0Oh1zPUdHOaow8NpkxdOze7f_Uu&cid=CAASJ-RoiMA4Gq7ZesbX633eeUDYN3nOp9nBpbfEALaRQEYnM2Ymo_UuDg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0873b001bc6fb9d6c0bdf09f3aa9ab9a5469631ae94f23d6c0d5cb2507d802a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16064
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DFA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D75A_gXVgrdAgOBOw5v4qrT_hNw3DufGI_GOEJEtq38CUIyhUchZVohxc_fRTB9T21jw5VsUF9tFK0dAM6xMy3NAsY1g4lh5WYMSph-ZcyO_SooXE
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame 4DFA 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad13.adfarm1.adition.com/ Frame 4DFA 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/js?wp_id=4285695&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCcxGLNkw0YvrqA5OPgAeHybOoA7WQ1-Fo8Lz1t4IQ8C4QASC52_MmYJXikIKgB8gBCakCn0sgMleZsj6oAwGqBNEBT9CeN2lpGLGxiX8SO1_Mvv9uL0P5fuXvE-x3bjYkVg6-UMGkDu1GJ7Rvom35VSOz0EZkgMvM13KBBfNf1PzgoWK8FQpqV99JPIriOqHci0ZV791AhZ78zIO6AxOxyctTLolRkukE4PunxU_wD2pyIhjyljT1Yyr6ZCH07WB1XBk8idUTEendzKnxQCTwXNXh71ykXR2OvoQID1k3JMqRuksOf_5MNnhh4z1tBzxY-JTrTYwuWkxyZu2HK4DdeOatiBZ2mPjiWp0NKJGiDmB4rFjABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE92vsQ3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoiMA4Gq7ZesbX633eeUDYN3nOp9nBpbfEALaRQEYnM2Ymo_UuDg%26sig%3DAOD64_2eHCstHqbR0M_C6_CRbc1zmWMp5Q%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DxvChgT377Det291mmFxZpbV1ElIfxrMtABKrVO2ty8rN7VtSnT-xKzKEJVKEy2ffYSrt_0w-Z3zRsHLPK0t5lHI3Rkhv7wq-_Va1dd3rrT9BoE0MsJD-S85ggw1f96WmP_jBpCOphHQXKgIPl2D8PRC7r2A%26cry%3D1%26dbm_d%3DAKAmf-BUJNF88RPTOR7KWdx8gb5AJfMaQKW_TLwVX2IKCxT6kJeQU2hyAenWxFzY_PW3EGHi2hEBSuS4X44tKr2C2toh47g6wGv6Cn99vAfQuZE6UuGXrdezo7rAzl0eiHwYBHK0Q9x1P87T2TUXdTvmlgIGv5IA38Yhihunv7ZayGrJ_K0Y0QugLWyq42AyM1F-wNC3gy-HEDe0kDiGtOA2x_wuObp72pwz6yDBiPbIOFApej_VKhBec7RJEVunsZpl2VdYFr0Y_dD8A4_WFLIBTTBUW3YwoGZ3cnrE4VI4LHvhkAEroR9X2vFXCjlPuGDu9GwVk4pefTEhCHikEDjE3L6zUGLHaFzG4aIoi3DEIVlxkUmVHk1MOh3smXyljgwCRGFSNXUDn3apJNHnKI0LjSav0RwhB8YyhadjwI4STXJv-j8TsLcfzhaiqLwwedc4augGSI7Lnwfqaacsr-adGKJurDerLaE5_mXXIjJI3LqNWhieuAo%26adurl%3D
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
f31a7a1e4804398606508f52f439e4ea721287ba9c3a0d05bc755f27e66387c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 10:09:10 +0100
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 4DFA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:59:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DFA 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:10 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 4DFA 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 09:04:15 GMT
l
www.google.com/ads/measurement/ Frame 4DFA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-RAxIiyzbBIb1YvzUHSlOah6LbdwYL3S9StfsCyzwLUreVN_-uS0rNabN4KJVByj4f3lOk8_BhhgPHUa9ReVbEUEvvg
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame EBF1 		624 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNURSGm5UkYt0ga1SA6FfsYCTOftXO0bvMcFXBs8ibLkPyrcK-_b2nPIFnfeHfKx77F7JiTOd5GrZ5rOBs4ygAjq_bfHVah59tR_9nMCAddDKwgxTMVmSctLGwWkUVnn4PTPqjICWKN9VvJ1-bNcLZINm1Lb_K9Md_Tbr4UQo4YEpQM8NoY
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 18 Mar 2022 09:09:10 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Mar 2022 09:09:10 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 44B9 		26 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_upqU9cRyP2XUJCzP7KiiYaCyKGthc0ipW3fvHb_6WSSoVWJxIV0jqVilmKekDRjGpaCAhrxrTmCkIWb1Tr8lBLVmw26nxo9UA52GbCotV7e_Bm8l8qRKuIKFowJbr8ySHS3pc4zChmk6QKP9Yygb_TrVnA&cry=1&dbm_d=AKAmf-DVepVLDzkGH16h85iamQi8JRxGFJI7xWf43yy-l9JSzXqSuZigGIbnPrxgIZQgBBFpjaVyDsPvanAfE_rI3eoty3zR1xkg119CwRoeb7qWMUP5PxFgKUjEA8d2XEEsjnvceidlOB5bV47KiGhtbULD9xz5A2FYL0yej5qqKUXqqaymzSrsrMESLLSL427LPfbinI9jgaqpZF0s4K5yn7ktEY7m6hUU2k6sXULHPGwdJyEFFvXX4EoT38sQnzf3-FK0oMDXH38q0D_7SBLg6pUWWZFhrLfBkd9qZijPJeX4YATzSsQM1WCmi7aHaql9G2nO-FJnBruEP1yWZpik6mLwsVFrUz5ODzphvoWZgrRu9JVomce8JzWnl-y-7E2ot7w7M2dCS0X3GktbaXesRf0xS-J7EhzJbTWlO8sK6szXvT2MnTvoe1hDgLAWYfUTxvU4gqKqgzXCLUozpgpv8xvPpB1YHnIajxfFoEl1SHDBcHmmWXBSLb6jPXJIOxNuuv0bBM2hGV6rB7G4VcVjbhWXDiuXTSF8LCy_sQir8-wss4iMbdrwYWcJr35aKSb-9ApVnBfDBPhYlCJ6WCQPdvCNrtinHrelhJn3Khcmr-_2mSMuZeZvD67JB3VrWVblzdL8oizLSemiUKBfH_LZr28w6rN8A9zYcDnuUNjRLfsiiojH19TvJDrVI7ZzyJDHndmEzVCKKN8kiy4lUyT4VDZTdz6X6KzzTUF5HvubwflPrJPJ3tI9_qwRk1ytiZGxRo05q-LNApPyo65VrCtTEkbaK1a8vL8W4TP9215rARDMX4t3ZiiCANtMT7ECI3Jfowx6jIsC2sXxBGZWbuGV_--1dpfx6dGmrvx5oJGDW1Svs7bFBs0rMtBKufQqrdr-QESSuJ_vtibKwtV0WiL_e9ZakHen7xVTbSBXEEXkl3P7rxit0ONcOT2e5CZMNcdJYY8mNvF-vA-evPk6bzyMZbmOhaUb1iS9k841YDLjZDFuhK617OXUSl8a0UxQoHDcrO5nbR_hplIAZdUp0TreY-E0NX2h4AQ_2HyySgGP0RQ9D0GysaJs2VofpDsynXc6i3mThbVWtD9-SjMCZVkIjCstAjLpZdWTaN7NDSurShvTZ3Re5O6gUS7uL5SXHBBD0jPtzrwX3ZdBVetI7nnobSYIyJz-sa4dDYj_5b6BrNtIwY0pf1bRaMYGOrqibPF50pSzlfw6hvdzf5YnZIZ-nPqmyYNCi3cXkXt-asMsVax-itKGrTYVeSEJHnr6ESTK-d2D6-bm6sjcWl8SAbrhSHWBhDniCUr0lJkqNqNuRIVIPFHVYYgNctztPbqS2GfPQ2cgTUQSQDsAQbz_61SdjxsoS0SGr6ao5qQc6iKRxbqUEMkiLX_xgWVrMAVBn4QeAZfPSdcjzCSDMYPSP7XmMCC7s1pSaaCf6V-sPx7HiyHcj-y1TViI9A0CktyoC8ZifMZahQMGiiHO1aBBsN4DjKQTgQAX3HXsoHfvDqgVrYdAnxoqgweA851Sh6TABlW-rzVoK3MbbcuAXtGvEXmY1P8hOhGi5iUz8bn4k1LOvfpYIG41dURQN5QXifTW7SF_T4lAWQPL4E9l8dg-ABflZsWPqWRg0jiG6qcPRTufbKlXKPbuv1QGhA4wGPF6jxVg9vPeMwlo3MTNa2AxyQ0OrLqIXpG5qBvTuoeZfyzA3GrUtAOP4fSwLGRJ6qzCslRHXKycKB5hyfqef4VTxWRPqtMO9opJTopGr5X_xWt_mrtMh8JpFEmGGRb1KxMYki0kGmTcoLvcUh2eOBITQaBisWRf7QC6oPm7angczwbRpggDrGTDn-Qo502q40iPPwjv7rZGcXRY1zYyNju39S_NuyyTrceokmpLR_95-DMvVi-vsCPyQ0ROBlLZOH1QM8C-wyUJNRiUm2YOq_G1iK1hVsInF2ODeLxxeGSr02xGxARPN_WAqNqqibTxKNyFb3_cpxnYS-eDHT0dCVasHnsyi46qxA5AY1zpjXkj2xwzqgm0qeVzddGOBGsUYe_l5Boj5jWFgqZFJJBx_9dVkYT83Aw27VjVFInX5zAJHyPqvZXXRykKZedqQv8jABtNkH67MYdpCJ4Obrvl-GpM69ZKYdi3THMvysBnY6FgJoW8sdlFmZfFRCdUavLBXIrDdUCtw2_zA4ahKIQ-A6mtv6hBTl4FGmzhxAdkIuh_GuychnYLcoLZLsXswVKo11uHy1Soq1F-U3LQAUIswfhzzzzS4ETAjYHIqvKqyzW-Ei14qXoPeyMdYqUfoXgvI-A0wFbtKRVWo8iH1JvDWcK0p5n1gPHt7WySuKCUiVtmhbd_n2R4sa1XvPVVEh0GXiCLVHYc2yvACyJfNDMWEI8B1NBXTM_riuyyeoCuOy0EMU-uGIPEpoGrAl64bSEtTsoHHs1MploH0HlVo7SIcuEIhF5jJ841esQ6MC-RyVE3MWf1q9ARyg2g9YMxHymSfZWqremn7VALcGUa6_XCBeFBcx9uz_LIQhWfDL4VvegzwodNka08IZWCO7Dn48g5FVd4hdLqL9xJOteesV_bVN9dwCEyiaf6krthY359Nn893ZHluuP5HFlFRyc6d-ps0ZGW_n0ewXjTiL1kYAxjmr0I46byUZwSr8Cph7l9GD1zbzzLpnA7q8LPHSBn64xo3eqODZPCik9W9JG4j0PCETk5Ui49sgNV1y9aPURRi-E0ErV8DJLK_q9arEYPDrOrk55U0wa1R7teqP64bGuzgneTchmWeTbAf-lpXP_j97RMPa_FG1mulKte3bELnMj3pXD9ToNQYmwUV_yZeIsDyciI272Cd1GY0BrMbKXr2KmhYUHZrxOqW4FM5IL5JEUQM74s-pPvbVSnmoEY9xoU5C8988XsjBIsXeIQ7AJAO86CHxkLFCOa_neT_1J0DLAO1LNYvtn1n8tayU_4M7aJ9vlgPJjWpuM66Z7SIuR1VzMk9SKjEdmp7N4F6oQh6JwrJDtNGErgb8Xp7al71-_KZTJp1T_eKie_x1BkyPF4-yCoU3hkmAvjhDDAznZOOOCT9M2y_o_GbK6utpa1C2H9hGnF5ZQZMKiWz4ei1XhEwhz2dTMHm2AKiyBJ9HebQZBZ5Ib90yGermP1upKF_zG3dU0FlFLrv2QDlyCvjD0w7nQRjaPXdcDWoQWEA8jGly90C2lNGmA00JmIZ6-wQ5EGqbHbjvpjK1PkW_NaCQQ1nMdOYO8dmv9oNQhlf5y4JxhTaumIG4abvIYiN4QK&cid=CAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93e967c9a2a71943dd29777694c4dcb350d57835f33f922bedb0d0ea2dc0c366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16154
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44B9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvUgkv8XwEBv9piIy4YLj14ET5Dz1dJIUyCUIwdl467D1Dwu3bxgE9J3RCvM3ESdArgnk3vV7enaInUefm1HXkfdm6GyELy3M7IAFw5XJ8-xL_mCA
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 44B9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:59:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44B9 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:10 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 44B9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 09:04:15 GMT
l
www.google.com/ads/measurement/ Frame 44B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGPyg3DKDS9z1_GlL1EYrSXCuRIBMN2pRCgwRLd8YL7OgAMnoc3KriSlqFmQ255lH52t3efU3Wapp_bFCi75qzkCV0eQ
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
i
api.purpleads.io/x/a/e391db67135295b6338c289f51d73a17:1fd35ae9e933aa44d698c27c84b53395269c2fac3d362663bc4d059638cf956700cf74ba6bebd02e9d5533b15e6bdc8cd49afe0c4bb8b89e0c3b583a675f4eb3298c85b0a09a243... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/e391db67135295b6338c289f51d73a17:1fd35ae9e933aa44d698c27c84b53395269c2fac3d362663bc4d059638cf956700cf74ba6bebd02e9d5533b15e6bdc8cd49afe0c4bb8b89e0c3b583a675f4eb3298c85b0a09a243214446fcbe2a2d858d33a7fe4556c6fab3e22623fef8922ec73882e3c8be0b7aaae5b3b587940ae9aa342375d0ee70f281f7504b39aa30c061076cfaa71c5610b56bd81a37a02ee9f/i?id=617d4a38-bdc0-43b6-ba1c-79f5f6fc0334&ts=1647594550007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
6c70e562-80b2-493f-abc8-3bedd688e127
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202142035000/ Frame 4CAF 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61563
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"74cdf3878bfbef53"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 4CAF 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5733
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42a91727bcc93df1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 4CAF 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29577
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"42f1ed997a28c2a2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 4CAF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1873
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e63b195883091b5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 4CAF 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13633
x-xss-protection
0
server
sffe
date
Thu, 17 Mar 2022 07:27:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c67c66f710e82a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Mar 2023 07:27:25 GMT
css
fonts.googleapis.com/ Frame 4CAF 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:38:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:09:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:09:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4CAF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
50962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4CAF 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
12336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 19 Mar 2022 05:43:34 GMT
/
track.seadform.net/adfserve/ Frame 4CAF 		35 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.seadform.net/adfserve/?bn=53733599;1x1inv=1;srctype=3;ord=3189840259
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
adview
securepubads.g.doubleclick.net/pagead/ Frame 4CAF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CK9glNkw0YvvHBsaZ-gbdwZqgCO-649JouLzgsv0Pse_gl48OEAEgudvzJmCV4pCCoAegAcjk14oDyAEBqQKjMjFW3pmyPuACAKgDAcgDCqoE6AFP0Lp0Z_w9fMn63pq5DCrkZS4hw4QTiZ7xmSobdWxYVahtz4mH_fCK-E9Pm2QPni1XV6n04zzfFW-3gRRSiHvG0XuutyN_-yB-m8wLRETzY11RtH8ITrXtAQJO3ARfpNtq9BK0bBfkj3ZUSW7-FI68pvSeYi8JCRJLJIVcBvL2nf8H3QQbt_scgHcQnr7m7WqjdOz3mAtpZJd1XpOdIxW1EyC9pdpWVpFf_Rxk3D5Yw1QnKP6oG6KEH-TzyOjKdKu0ctjQ5jWQvUxzUqgpSaP14sQGgQboPiJ_UKblSfNqX-EdKvtgKMlpwASatIKu8QPgBAGSBQQIBBgBkgUECAUYBIAHoJuodagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ-2IdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00OTAzNDUzOTc0NzQ1NTMwGIu5dw&sigh=dW2z1AwUEG8&uach_m=[UACH]
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
i
api.purpleads.io/x/a/e391db67135295b6338c289f51d73a17:1fd35ae9e933aa44d698c27c84b53395269c2fac3d362663bc4d059638cf956700cf74ba6bebd02e9d5533b15e6bdc8cd49afe0c4bb8b89e0c3b583a675f4eb3298c85b0a09a243... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/e391db67135295b6338c289f51d73a17:1fd35ae9e933aa44d698c27c84b53395269c2fac3d362663bc4d059638cf956700cf74ba6bebd02e9d5533b15e6bdc8cd49afe0c4bb8b89e0c3b583a675f4eb3298c85b0a09a243214446fcbe2a2d858d33a7fe4556c6fab3e22623fef8922ec73882e3c8be0b7aaae5b3b587940ae9aa342375d0ee70f281f7504b39aa30c061076cfaa71c5610b56bd81a37a02ee9f/i?id=617d4a38-bdc0-43b6-ba1c-79f5f6fc0334&ts=1647594550007
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:11 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
f3f83391-6076-41ca-aaa2-80ecc557c64a
downsize_200k_v1
tpc.googlesyndication.com/simgad/81239459027321492/ Frame 127A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/81239459027321492/downsize_200k_v1?w=400&h=209
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a92033f68f33ce204eebceaeed5bfd634b8e036cb1b4e1f7d59a97acb52c4920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 11:35:19 GMT
x-content-type-options
nosniff
age
77631
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16179
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 09:37:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Mar 2023 11:35:19 GMT
truncated
/ Frame 127A 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 127A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 127A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57765763a17d382b2bfe2cca5fa15506ce0bdcb83d133ae9c7f40687347cf0c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 127A 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:46:42 GMT
x-content-type-options
nosniff
age
210148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:46:42 GMT
rum
dsum-sec.casalemedia.com/ Frame AD74
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhj376nFATAB&v=APEucNUogv_0-A6p2e2tQedTNd6V-DPbcVP_Znh0_BbjrU6FINxNcPff2p9hLtdtitWYjFxypns_gGIoOdfXGNiU0S0DEMydCDkKwIRvZkdUMpKkhKDLjxDxbjrEoUjzTR0Irt8i9QQ-eeIUid9IkYv0e0YwLR1pcUU3nmUWQ1XibW6LI3IkmLA
Protocol
HTTP/1.1
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:09:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AD74
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjRMNukErPyztDBnYKzurgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhj376nFATAB&v=APEucNUogv_0-A6p2e2tQedTNd6V-DPbcVP_Znh0_BbjrU6FINxNcPff2p9hLtdtitWYjFxypns_gGIoOdfXGNiU0S0DEMydCDkKwIRvZkdUMpKkhKDLjxDxbjrEoUjzTR0Irt8i9QQ-eeIUid9IkYv0e0YwLR1pcUU3nmUWQ1XibW6LI3IkmLA
Protocol
HTTP/1.1
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:09:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AD74
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhj376nFATAB&v=APEucNUogv_0-A6p2e2tQedTNd6V-DPbcVP_Znh0_BbjrU6FINxNcPff2p9hLtdtitWYjFxypns_gGIoOdfXGNiU0S0DEMydCDkKwIRvZkdUMpKkhKDLjxDxbjrEoUjzTR0Irt8i9QQ-eeIUid9IkYv0e0YwLR1pcUU3nmUWQ1XibW6LI3IkmLA
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0d53fce6-c4e5-48b5-827f-17587713a702
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD74
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhj376nFATAB&v=APEucNUogv_0-A6p2e2tQedTNd6V-DPbcVP_Znh0_BbjrU6FINxNcPff2p9hLtdtitWYjFxypns_gGIoOdfXGNiU0S0DEMydCDkKwIRvZkdUMpKkhKDLjxDxbjrEoUjzTR0Irt8i9QQ-eeIUid9IkYv0e0YwLR1pcUU3nmUWQ1XibW6LI3IkmLA
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5f53b17e-1c11-428a-9ec7-071e469645d6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame F99A 		708 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:06:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:09:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:09:10 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F99A 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
f1d42e6898ac6ce420455cfda7146cbb27f55e8576ae154819fdbd1a4f3a6807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27978
x-xss-protection
0
server
sffe
etag
"1161 / 185 of 1000 / last-modified: 1647554768"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Mar 2022 09:09:10 GMT
rum
dsum-sec.casalemedia.com/ Frame E603
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNXJdhyvCWq5I-2Xqkj78OhAmD223UlKPRMzNnF1EFXsNAUQRppoMBclsxkkrlO5nL3gt9CA4SR5z5fNE48zd9GCWy0IZ914KZPf7V4LBSCw1X3cMl0CbFZkwTfhEPNrcSpaclRRoBTrvOAhp8HAhl2cOQnk9QV2RJ1x6o3DAzKlTRJVcbg
Protocol
HTTP/1.1
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:09:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E603
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjRMNukErPyztDBnYKzurgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNXJdhyvCWq5I-2Xqkj78OhAmD223UlKPRMzNnF1EFXsNAUQRppoMBclsxkkrlO5nL3gt9CA4SR5z5fNE48zd9GCWy0IZ914KZPf7V4LBSCw1X3cMl0CbFZkwTfhEPNrcSpaclRRoBTrvOAhp8HAhl2cOQnk9QV2RJ1x6o3DAzKlTRJVcbg
Protocol
HTTP/1.1
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:09:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E603
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNXJdhyvCWq5I-2Xqkj78OhAmD223UlKPRMzNnF1EFXsNAUQRppoMBclsxkkrlO5nL3gt9CA4SR5z5fNE48zd9GCWy0IZ914KZPf7V4LBSCw1X3cMl0CbFZkwTfhEPNrcSpaclRRoBTrvOAhp8HAhl2cOQnk9QV2RJ1x6o3DAzKlTRJVcbg
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c27263b9-55c9-44ce-a1b6-3a7ef8cf2be3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E603
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6s3FlQEwAQ&v=APEucNXJdhyvCWq5I-2Xqkj78OhAmD223UlKPRMzNnF1EFXsNAUQRppoMBclsxkkrlO5nL3gt9CA4SR5z5fNE48zd9GCWy0IZ914KZPf7V4LBSCw1X3cMl0CbFZkwTfhEPNrcSpaclRRoBTrvOAhp8HAhl2cOQnk9QV2RJ1x6o3DAzKlTRJVcbg
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
94d2a3a3-4b03-4db0-825c-373ad0146c02
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 47A8 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBrhiuP3pUcmTH58kQzQ5fQx-IF2V6nAtKge-Ex598TdZv27q8Wpo-A-hKLKlIEFQTqielCYoSMP-hkcdAQBcBIB1E3WAXcbaA-nLos-10v0e55DW0WtwOq6Jf4ItVNfxW5kTT5KzmqQWI8MBIUNwrcgwklw&cry=1&dbm_d=AKAmf-DVO1GhsaO-mtSmrIIRLWYZqJJ0-8UBlwcmaIrAY7hW68uRa4i44cILIilbvS89VG5wuvUcaQErh9GQBgAx83RXUsn3Mpxm2ppGQHgJ0XZKN4CsYCPAcfbjHCa3ExxvipAK_V06S3AE-6t7wrplg8RMgFqwFSvajsTZ8nUQOrpUmhciuziw17RkIJnA6Snrm0-v1q5jz5yBOMEhoUJyU8CXzSFAznjfLy5lMM--l8Hfi7yVMzIyUdMDMkMbQGVRzOgAul7o9DtavW0lm-mdgpwF7JVLTeEx2qaXo-CNdFQwpWFrJ9Alq6Ugrs0z-T3yG5YwSzQqGsaTOBusZGq6pIhvzLqXfrb4fq037PK9EIdYnL7dglvejFH2UQxGQmEj7SqhYToQgcoAtru1JLFRoXw5aQoHliRfBBoGjBC4kpvmoMBTdQbYBKdbNqEHRaqhSvRXRgCKR_jXukrXgP2JBs6_6dFpJ1VlDVH2yQTFzsr6U-uEukS5gDyLYzJYDKpMKQXaImPtuwp52tSnoQNoolWmoH2bez_YrkUx77wgPA1r2AI6ohffWveytZ4d5gvJ2u24c7_wm0R6V4cZMvA7zVed9C3L7DRJPnmVrmsddcuakJ8qwcL3TMfrKEvXMqq4VZLtkKA3iSJAs0nuSzpflXEti0bKrDl-XP-JWB7HZtG8AdX9pLUqA6eAZtfWT696TXEl6juWRqCGTfqT1mEDuaGeugPowPAQity6w6kb_Gc54J3-wjFkAxYLKGELSjmAzZ-hQRZxkLRwAM0uhu57qHyC2tE3k_aAaSea1ZGOkOb673HP5sD8Dj7uz_FwosGh4DMucFpXIF61ap1_0KDzRk2h5pC0aOdJ9v1ZOB7glBolrxZW-HFrlfUPQolMRVBAS1xksnKCnMkC53LhWyd9nKI48CnF5477V_-4QXQGwF418GEQ5HR5HmGiAN0oxXL4BOFQ-4Z-thKCmYLLTEuzWMHJ0JMJwCuKToyuobZPSNy9VDEYerGgnn1qR5ynfLep5_SwuJWd63UTJhLOdTRKd4xUf4oh_3G_plWzu459irYLcOGF6Rd5UG4mckY1LDoWyyV_M_hqhdJTMtLgahX3FjTjMAJWFWRmhDcun3VDq4pqE39hpg7Bky-3F1TUXe4rqWwnVaw9ypVSuvzjeYO_0c1WhhIFOSQwvFffExXCnuF-fnvX9tF9a-XJqO9F2MhoqSDFFPW6AXQJX16jvy_evyUq-pVjOr0R9gmb6MXYmA2chbcwuaxI_5lVMgnbqbXQjyGTBVJTpAy9_RD_lAnknfpX4iCiNV2AwBrXBBAa31QzwDjRaGp7vAH3HiCUuKYH5j7Xhygh9XJOfCe61DNCtPAGrFrpCr9AaFhB4JIE-SS9Vn2BJDYo8th3oiCnAsceaibErN-80yzgIz8-yyLg9o0tlLUOe6vk31bXoR5VRfAp2LG5BNjhBCNO3D3g431PV3buHfMoVJcU4tjNmjSL4CzR6fBoCxoKHUw590e5hHHQT5HMB4HIt1wi4Azv1GKBaP_pz5FmiEiwOKKYvbfdEwRwopAG2zUVlrItitM-mrvXXHGMDtc7U2i9TMVlbNy_tmueg_kVOe6LabP1H-2OFzIuDPNaDoAVSsP0fzP-J4Gs-OSz7ozoO57xFf6yearva1Pcq2mhkpZwtwggfRa0a_emMqWVX91vpFhFVCNLg5kIVMgUGCTyvwTf93BD8A6hmw4FKFq8LLXp2r1_72SRgWBW_WtCHP4nlP4TZwASKoZrBRO10iTuEidB9Gxuq2F0sftB6L8GVwgOSC00ozoJ0MMx09mdAKEH4M27kFeY5df23YTqKFRn0Bp0UXWA8qr6DjwJ_RyGpXl7mEB1i42loeTDbfd2JWMLFkud6DQuWSZxvzf1hQJqXxewBACIQwWvPRlJ6EeDN2Z8OrDkyz_hkpDdP2bAxm5wh3XSAOwi6hg8oBao6AxWNW8U6qV4aduc-rozzJJYKyqtR5KYjfe-eJ5MA0PxxomT4OieYyap3VxhJzC3VdyQl3Hog-WW00NuqZzd6ap4LBbqlTAMZqr96_vEhaDDxsqIwLkGK_kQx6pU56IiG5O_U67efF5A4OLa58mpebG9k6e5DkMIsWZENq3xDcbAfIFwa66qTVUMDROezK2s1ssBXOZ3YNzSf8H7xqcBciDcP626OFvcOIO9_2CYzNl0-FC9129TE26H01_rGkCMZ6wBALE2tj2dZf33DhjNpGa4pIgXgDifsb58eARJ4NXMp-zu0dYawtFThEQmWZhKGJUCmqeqAxoel7r-FTzSN4N_wfiZ92k2YwKg7plUGLPvd7mlVxzZkpDYOrEAOblTwFtWNV5LNffFqRr0Bry-cp702RfUxsh37Ct-Y_8phlpAGpBKpAJIZPCmK3j4X54bO2_SNTLe7QmAG19zIhds6a4_vl-JOP1VLNH-DG7Eotbo2MsyA7NXqaztkkUAYpa6Ear11fPLYsD_sC23_ybNPHBcOpKYpbTcqL8tPPYzxOEIQ4uVgcZnqBE0irAKFn8E2CjlfvO3exjx5spUPJ3WLEnpfCY7WzE6O7hFdaR0S4SDSrdZ0TEWAYcRSutVnpHq5130NXzyYhOQ7A3WsU04F5fiwR0ehNsIhdJFOvwhomji8jfKttvAjTQHhRaO-jikGxlzz8FANemjgHYaIlNWIMtrSwT5Wlammy5rjsQMIwunioOwiJ0SVV0jNqvUBzAv8mzwma3yLuy9Wc82K6knLhdy_cRauMnhwnQsKF5Xc8bwByDrSc0IeNrh6ufWG8sjyvTAzWyIeC4xLietXfsGHuAXd_dwZf-HtsmLSsOrXx2H-a343-U8czphva3znAxsP_NFQRanDvVrSP3K8fPuoWo-Xmt8KcshnX3v28-ODnUYulIyqdrZLnjcrbklBjRs-Leel8QNBa8y-P5vE8YaGrU3RpEEjYdtVHKMWZYYsu3fEvaK0aA3O12dC9p3fnQyaaP5Z1zlGPYaJRLTEhGnM-WnBC6jzgCws94yBj8RI1cmAcpJ-S6rHWvpmq8Y3m20wtMqp6IEtZtHe0q7dWew_E2MtIyl0Pha_eKSlhu9GqDDWjS6eaITtcCFIeJqoZOmHEYts3u5dEKE1BetvRgy0jGb--AH3Hlnwd0qIPyQymVlWBnJM_hIR5qpfc2Brd7kOn8qdwPw-2eTGK990S0X3AbdJJUZiMwtp6hPOyxxgIlhf4bFDhKTxut0EPa90pFot3vOateJ0uNjKyZ_9gV5Ay-e&cid=CAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 09:04:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 47A8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBrhiuP3pUcmTH58kQzQ5fQx-IF2V6nAtKge-Ex598TdZv27q8Wpo-A-hKLKlIEFQTqielCYoSMP-hkcdAQBcBIB1E3WAXcbaA-nLos-10v0e55DW0WtwOq6Jf4ItVNfxW5kTT5KzmqQWI8MBIUNwrcgwklw&cry=1&dbm_d=AKAmf-DVO1GhsaO-mtSmrIIRLWYZqJJ0-8UBlwcmaIrAY7hW68uRa4i44cILIilbvS89VG5wuvUcaQErh9GQBgAx83RXUsn3Mpxm2ppGQHgJ0XZKN4CsYCPAcfbjHCa3ExxvipAK_V06S3AE-6t7wrplg8RMgFqwFSvajsTZ8nUQOrpUmhciuziw17RkIJnA6Snrm0-v1q5jz5yBOMEhoUJyU8CXzSFAznjfLy5lMM--l8Hfi7yVMzIyUdMDMkMbQGVRzOgAul7o9DtavW0lm-mdgpwF7JVLTeEx2qaXo-CNdFQwpWFrJ9Alq6Ugrs0z-T3yG5YwSzQqGsaTOBusZGq6pIhvzLqXfrb4fq037PK9EIdYnL7dglvejFH2UQxGQmEj7SqhYToQgcoAtru1JLFRoXw5aQoHliRfBBoGjBC4kpvmoMBTdQbYBKdbNqEHRaqhSvRXRgCKR_jXukrXgP2JBs6_6dFpJ1VlDVH2yQTFzsr6U-uEukS5gDyLYzJYDKpMKQXaImPtuwp52tSnoQNoolWmoH2bez_YrkUx77wgPA1r2AI6ohffWveytZ4d5gvJ2u24c7_wm0R6V4cZMvA7zVed9C3L7DRJPnmVrmsddcuakJ8qwcL3TMfrKEvXMqq4VZLtkKA3iSJAs0nuSzpflXEti0bKrDl-XP-JWB7HZtG8AdX9pLUqA6eAZtfWT696TXEl6juWRqCGTfqT1mEDuaGeugPowPAQity6w6kb_Gc54J3-wjFkAxYLKGELSjmAzZ-hQRZxkLRwAM0uhu57qHyC2tE3k_aAaSea1ZGOkOb673HP5sD8Dj7uz_FwosGh4DMucFpXIF61ap1_0KDzRk2h5pC0aOdJ9v1ZOB7glBolrxZW-HFrlfUPQolMRVBAS1xksnKCnMkC53LhWyd9nKI48CnF5477V_-4QXQGwF418GEQ5HR5HmGiAN0oxXL4BOFQ-4Z-thKCmYLLTEuzWMHJ0JMJwCuKToyuobZPSNy9VDEYerGgnn1qR5ynfLep5_SwuJWd63UTJhLOdTRKd4xUf4oh_3G_plWzu459irYLcOGF6Rd5UG4mckY1LDoWyyV_M_hqhdJTMtLgahX3FjTjMAJWFWRmhDcun3VDq4pqE39hpg7Bky-3F1TUXe4rqWwnVaw9ypVSuvzjeYO_0c1WhhIFOSQwvFffExXCnuF-fnvX9tF9a-XJqO9F2MhoqSDFFPW6AXQJX16jvy_evyUq-pVjOr0R9gmb6MXYmA2chbcwuaxI_5lVMgnbqbXQjyGTBVJTpAy9_RD_lAnknfpX4iCiNV2AwBrXBBAa31QzwDjRaGp7vAH3HiCUuKYH5j7Xhygh9XJOfCe61DNCtPAGrFrpCr9AaFhB4JIE-SS9Vn2BJDYo8th3oiCnAsceaibErN-80yzgIz8-yyLg9o0tlLUOe6vk31bXoR5VRfAp2LG5BNjhBCNO3D3g431PV3buHfMoVJcU4tjNmjSL4CzR6fBoCxoKHUw590e5hHHQT5HMB4HIt1wi4Azv1GKBaP_pz5FmiEiwOKKYvbfdEwRwopAG2zUVlrItitM-mrvXXHGMDtc7U2i9TMVlbNy_tmueg_kVOe6LabP1H-2OFzIuDPNaDoAVSsP0fzP-J4Gs-OSz7ozoO57xFf6yearva1Pcq2mhkpZwtwggfRa0a_emMqWVX91vpFhFVCNLg5kIVMgUGCTyvwTf93BD8A6hmw4FKFq8LLXp2r1_72SRgWBW_WtCHP4nlP4TZwASKoZrBRO10iTuEidB9Gxuq2F0sftB6L8GVwgOSC00ozoJ0MMx09mdAKEH4M27kFeY5df23YTqKFRn0Bp0UXWA8qr6DjwJ_RyGpXl7mEB1i42loeTDbfd2JWMLFkud6DQuWSZxvzf1hQJqXxewBACIQwWvPRlJ6EeDN2Z8OrDkyz_hkpDdP2bAxm5wh3XSAOwi6hg8oBao6AxWNW8U6qV4aduc-rozzJJYKyqtR5KYjfe-eJ5MA0PxxomT4OieYyap3VxhJzC3VdyQl3Hog-WW00NuqZzd6ap4LBbqlTAMZqr96_vEhaDDxsqIwLkGK_kQx6pU56IiG5O_U67efF5A4OLa58mpebG9k6e5DkMIsWZENq3xDcbAfIFwa66qTVUMDROezK2s1ssBXOZ3YNzSf8H7xqcBciDcP626OFvcOIO9_2CYzNl0-FC9129TE26H01_rGkCMZ6wBALE2tj2dZf33DhjNpGa4pIgXgDifsb58eARJ4NXMp-zu0dYawtFThEQmWZhKGJUCmqeqAxoel7r-FTzSN4N_wfiZ92k2YwKg7plUGLPvd7mlVxzZkpDYOrEAOblTwFtWNV5LNffFqRr0Bry-cp702RfUxsh37Ct-Y_8phlpAGpBKpAJIZPCmK3j4X54bO2_SNTLe7QmAG19zIhds6a4_vl-JOP1VLNH-DG7Eotbo2MsyA7NXqaztkkUAYpa6Ear11fPLYsD_sC23_ybNPHBcOpKYpbTcqL8tPPYzxOEIQ4uVgcZnqBE0irAKFn8E2CjlfvO3exjx5spUPJ3WLEnpfCY7WzE6O7hFdaR0S4SDSrdZ0TEWAYcRSutVnpHq5130NXzyYhOQ7A3WsU04F5fiwR0ehNsIhdJFOvwhomji8jfKttvAjTQHhRaO-jikGxlzz8FANemjgHYaIlNWIMtrSwT5Wlammy5rjsQMIwunioOwiJ0SVV0jNqvUBzAv8mzwma3yLuy9Wc82K6knLhdy_cRauMnhwnQsKF5Xc8bwByDrSc0IeNrh6ufWG8sjyvTAzWyIeC4xLietXfsGHuAXd_dwZf-HtsmLSsOrXx2H-a343-U8czphva3znAxsP_NFQRanDvVrSP3K8fPuoWo-Xmt8KcshnX3v28-ODnUYulIyqdrZLnjcrbklBjRs-Leel8QNBa8y-P5vE8YaGrU3RpEEjYdtVHKMWZYYsu3fEvaK0aA3O12dC9p3fnQyaaP5Z1zlGPYaJRLTEhGnM-WnBC6jzgCws94yBj8RI1cmAcpJ-S6rHWvpmq8Y3m20wtMqp6IEtZtHe0q7dWew_E2MtIyl0Pha_eKSlhu9GqDDWjS6eaITtcCFIeJqoZOmHEYts3u5dEKE1BetvRgy0jGb--AH3Hlnwd0qIPyQymVlWBnJM_hIR5qpfc2Brd7kOn8qdwPw-2eTGK990S0X3AbdJJUZiMwtp6hPOyxxgIlhf4bFDhKTxut0EPa90pFot3vOateJ0uNjKyZ_9gV5Ay-e&cid=CAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 13:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 13:40:29 GMT
truncated
/ Frame 4CAF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41d512788cf5c9ae51842fb943155b47f9de506a88872b8690843772e780ccb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 4CAF 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:46:42 GMT
x-content-type-options
nosniff
age
210148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:46:42 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 44B9 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_upqU9cRyP2XUJCzP7KiiYaCyKGthc0ipW3fvHb_6WSSoVWJxIV0jqVilmKekDRjGpaCAhrxrTmCkIWb1Tr8lBLVmw26nxo9UA52GbCotV7e_Bm8l8qRKuIKFowJbr8ySHS3pc4zChmk6QKP9Yygb_TrVnA&cry=1&dbm_d=AKAmf-DVepVLDzkGH16h85iamQi8JRxGFJI7xWf43yy-l9JSzXqSuZigGIbnPrxgIZQgBBFpjaVyDsPvanAfE_rI3eoty3zR1xkg119CwRoeb7qWMUP5PxFgKUjEA8d2XEEsjnvceidlOB5bV47KiGhtbULD9xz5A2FYL0yej5qqKUXqqaymzSrsrMESLLSL427LPfbinI9jgaqpZF0s4K5yn7ktEY7m6hUU2k6sXULHPGwdJyEFFvXX4EoT38sQnzf3-FK0oMDXH38q0D_7SBLg6pUWWZFhrLfBkd9qZijPJeX4YATzSsQM1WCmi7aHaql9G2nO-FJnBruEP1yWZpik6mLwsVFrUz5ODzphvoWZgrRu9JVomce8JzWnl-y-7E2ot7w7M2dCS0X3GktbaXesRf0xS-J7EhzJbTWlO8sK6szXvT2MnTvoe1hDgLAWYfUTxvU4gqKqgzXCLUozpgpv8xvPpB1YHnIajxfFoEl1SHDBcHmmWXBSLb6jPXJIOxNuuv0bBM2hGV6rB7G4VcVjbhWXDiuXTSF8LCy_sQir8-wss4iMbdrwYWcJr35aKSb-9ApVnBfDBPhYlCJ6WCQPdvCNrtinHrelhJn3Khcmr-_2mSMuZeZvD67JB3VrWVblzdL8oizLSemiUKBfH_LZr28w6rN8A9zYcDnuUNjRLfsiiojH19TvJDrVI7ZzyJDHndmEzVCKKN8kiy4lUyT4VDZTdz6X6KzzTUF5HvubwflPrJPJ3tI9_qwRk1ytiZGxRo05q-LNApPyo65VrCtTEkbaK1a8vL8W4TP9215rARDMX4t3ZiiCANtMT7ECI3Jfowx6jIsC2sXxBGZWbuGV_--1dpfx6dGmrvx5oJGDW1Svs7bFBs0rMtBKufQqrdr-QESSuJ_vtibKwtV0WiL_e9ZakHen7xVTbSBXEEXkl3P7rxit0ONcOT2e5CZMNcdJYY8mNvF-vA-evPk6bzyMZbmOhaUb1iS9k841YDLjZDFuhK617OXUSl8a0UxQoHDcrO5nbR_hplIAZdUp0TreY-E0NX2h4AQ_2HyySgGP0RQ9D0GysaJs2VofpDsynXc6i3mThbVWtD9-SjMCZVkIjCstAjLpZdWTaN7NDSurShvTZ3Re5O6gUS7uL5SXHBBD0jPtzrwX3ZdBVetI7nnobSYIyJz-sa4dDYj_5b6BrNtIwY0pf1bRaMYGOrqibPF50pSzlfw6hvdzf5YnZIZ-nPqmyYNCi3cXkXt-asMsVax-itKGrTYVeSEJHnr6ESTK-d2D6-bm6sjcWl8SAbrhSHWBhDniCUr0lJkqNqNuRIVIPFHVYYgNctztPbqS2GfPQ2cgTUQSQDsAQbz_61SdjxsoS0SGr6ao5qQc6iKRxbqUEMkiLX_xgWVrMAVBn4QeAZfPSdcjzCSDMYPSP7XmMCC7s1pSaaCf6V-sPx7HiyHcj-y1TViI9A0CktyoC8ZifMZahQMGiiHO1aBBsN4DjKQTgQAX3HXsoHfvDqgVrYdAnxoqgweA851Sh6TABlW-rzVoK3MbbcuAXtGvEXmY1P8hOhGi5iUz8bn4k1LOvfpYIG41dURQN5QXifTW7SF_T4lAWQPL4E9l8dg-ABflZsWPqWRg0jiG6qcPRTufbKlXKPbuv1QGhA4wGPF6jxVg9vPeMwlo3MTNa2AxyQ0OrLqIXpG5qBvTuoeZfyzA3GrUtAOP4fSwLGRJ6qzCslRHXKycKB5hyfqef4VTxWRPqtMO9opJTopGr5X_xWt_mrtMh8JpFEmGGRb1KxMYki0kGmTcoLvcUh2eOBITQaBisWRf7QC6oPm7angczwbRpggDrGTDn-Qo502q40iPPwjv7rZGcXRY1zYyNju39S_NuyyTrceokmpLR_95-DMvVi-vsCPyQ0ROBlLZOH1QM8C-wyUJNRiUm2YOq_G1iK1hVsInF2ODeLxxeGSr02xGxARPN_WAqNqqibTxKNyFb3_cpxnYS-eDHT0dCVasHnsyi46qxA5AY1zpjXkj2xwzqgm0qeVzddGOBGsUYe_l5Boj5jWFgqZFJJBx_9dVkYT83Aw27VjVFInX5zAJHyPqvZXXRykKZedqQv8jABtNkH67MYdpCJ4Obrvl-GpM69ZKYdi3THMvysBnY6FgJoW8sdlFmZfFRCdUavLBXIrDdUCtw2_zA4ahKIQ-A6mtv6hBTl4FGmzhxAdkIuh_GuychnYLcoLZLsXswVKo11uHy1Soq1F-U3LQAUIswfhzzzzS4ETAjYHIqvKqyzW-Ei14qXoPeyMdYqUfoXgvI-A0wFbtKRVWo8iH1JvDWcK0p5n1gPHt7WySuKCUiVtmhbd_n2R4sa1XvPVVEh0GXiCLVHYc2yvACyJfNDMWEI8B1NBXTM_riuyyeoCuOy0EMU-uGIPEpoGrAl64bSEtTsoHHs1MploH0HlVo7SIcuEIhF5jJ841esQ6MC-RyVE3MWf1q9ARyg2g9YMxHymSfZWqremn7VALcGUa6_XCBeFBcx9uz_LIQhWfDL4VvegzwodNka08IZWCO7Dn48g5FVd4hdLqL9xJOteesV_bVN9dwCEyiaf6krthY359Nn893ZHluuP5HFlFRyc6d-ps0ZGW_n0ewXjTiL1kYAxjmr0I46byUZwSr8Cph7l9GD1zbzzLpnA7q8LPHSBn64xo3eqODZPCik9W9JG4j0PCETk5Ui49sgNV1y9aPURRi-E0ErV8DJLK_q9arEYPDrOrk55U0wa1R7teqP64bGuzgneTchmWeTbAf-lpXP_j97RMPa_FG1mulKte3bELnMj3pXD9ToNQYmwUV_yZeIsDyciI272Cd1GY0BrMbKXr2KmhYUHZrxOqW4FM5IL5JEUQM74s-pPvbVSnmoEY9xoU5C8988XsjBIsXeIQ7AJAO86CHxkLFCOa_neT_1J0DLAO1LNYvtn1n8tayU_4M7aJ9vlgPJjWpuM66Z7SIuR1VzMk9SKjEdmp7N4F6oQh6JwrJDtNGErgb8Xp7al71-_KZTJp1T_eKie_x1BkyPF4-yCoU3hkmAvjhDDAznZOOOCT9M2y_o_GbK6utpa1C2H9hGnF5ZQZMKiWz4ei1XhEwhz2dTMHm2AKiyBJ9HebQZBZ5Ib90yGermP1upKF_zG3dU0FlFLrv2QDlyCvjD0w7nQRjaPXdcDWoQWEA8jGly90C2lNGmA00JmIZ6-wQ5EGqbHbjvpjK1PkW_NaCQQ1nMdOYO8dmv9oNQhlf5y4JxhTaumIG4abvIYiN4QK&cid=CAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 09:04:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 44B9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_upqU9cRyP2XUJCzP7KiiYaCyKGthc0ipW3fvHb_6WSSoVWJxIV0jqVilmKekDRjGpaCAhrxrTmCkIWb1Tr8lBLVmw26nxo9UA52GbCotV7e_Bm8l8qRKuIKFowJbr8ySHS3pc4zChmk6QKP9Yygb_TrVnA&cry=1&dbm_d=AKAmf-DVepVLDzkGH16h85iamQi8JRxGFJI7xWf43yy-l9JSzXqSuZigGIbnPrxgIZQgBBFpjaVyDsPvanAfE_rI3eoty3zR1xkg119CwRoeb7qWMUP5PxFgKUjEA8d2XEEsjnvceidlOB5bV47KiGhtbULD9xz5A2FYL0yej5qqKUXqqaymzSrsrMESLLSL427LPfbinI9jgaqpZF0s4K5yn7ktEY7m6hUU2k6sXULHPGwdJyEFFvXX4EoT38sQnzf3-FK0oMDXH38q0D_7SBLg6pUWWZFhrLfBkd9qZijPJeX4YATzSsQM1WCmi7aHaql9G2nO-FJnBruEP1yWZpik6mLwsVFrUz5ODzphvoWZgrRu9JVomce8JzWnl-y-7E2ot7w7M2dCS0X3GktbaXesRf0xS-J7EhzJbTWlO8sK6szXvT2MnTvoe1hDgLAWYfUTxvU4gqKqgzXCLUozpgpv8xvPpB1YHnIajxfFoEl1SHDBcHmmWXBSLb6jPXJIOxNuuv0bBM2hGV6rB7G4VcVjbhWXDiuXTSF8LCy_sQir8-wss4iMbdrwYWcJr35aKSb-9ApVnBfDBPhYlCJ6WCQPdvCNrtinHrelhJn3Khcmr-_2mSMuZeZvD67JB3VrWVblzdL8oizLSemiUKBfH_LZr28w6rN8A9zYcDnuUNjRLfsiiojH19TvJDrVI7ZzyJDHndmEzVCKKN8kiy4lUyT4VDZTdz6X6KzzTUF5HvubwflPrJPJ3tI9_qwRk1ytiZGxRo05q-LNApPyo65VrCtTEkbaK1a8vL8W4TP9215rARDMX4t3ZiiCANtMT7ECI3Jfowx6jIsC2sXxBGZWbuGV_--1dpfx6dGmrvx5oJGDW1Svs7bFBs0rMtBKufQqrdr-QESSuJ_vtibKwtV0WiL_e9ZakHen7xVTbSBXEEXkl3P7rxit0ONcOT2e5CZMNcdJYY8mNvF-vA-evPk6bzyMZbmOhaUb1iS9k841YDLjZDFuhK617OXUSl8a0UxQoHDcrO5nbR_hplIAZdUp0TreY-E0NX2h4AQ_2HyySgGP0RQ9D0GysaJs2VofpDsynXc6i3mThbVWtD9-SjMCZVkIjCstAjLpZdWTaN7NDSurShvTZ3Re5O6gUS7uL5SXHBBD0jPtzrwX3ZdBVetI7nnobSYIyJz-sa4dDYj_5b6BrNtIwY0pf1bRaMYGOrqibPF50pSzlfw6hvdzf5YnZIZ-nPqmyYNCi3cXkXt-asMsVax-itKGrTYVeSEJHnr6ESTK-d2D6-bm6sjcWl8SAbrhSHWBhDniCUr0lJkqNqNuRIVIPFHVYYgNctztPbqS2GfPQ2cgTUQSQDsAQbz_61SdjxsoS0SGr6ao5qQc6iKRxbqUEMkiLX_xgWVrMAVBn4QeAZfPSdcjzCSDMYPSP7XmMCC7s1pSaaCf6V-sPx7HiyHcj-y1TViI9A0CktyoC8ZifMZahQMGiiHO1aBBsN4DjKQTgQAX3HXsoHfvDqgVrYdAnxoqgweA851Sh6TABlW-rzVoK3MbbcuAXtGvEXmY1P8hOhGi5iUz8bn4k1LOvfpYIG41dURQN5QXifTW7SF_T4lAWQPL4E9l8dg-ABflZsWPqWRg0jiG6qcPRTufbKlXKPbuv1QGhA4wGPF6jxVg9vPeMwlo3MTNa2AxyQ0OrLqIXpG5qBvTuoeZfyzA3GrUtAOP4fSwLGRJ6qzCslRHXKycKB5hyfqef4VTxWRPqtMO9opJTopGr5X_xWt_mrtMh8JpFEmGGRb1KxMYki0kGmTcoLvcUh2eOBITQaBisWRf7QC6oPm7angczwbRpggDrGTDn-Qo502q40iPPwjv7rZGcXRY1zYyNju39S_NuyyTrceokmpLR_95-DMvVi-vsCPyQ0ROBlLZOH1QM8C-wyUJNRiUm2YOq_G1iK1hVsInF2ODeLxxeGSr02xGxARPN_WAqNqqibTxKNyFb3_cpxnYS-eDHT0dCVasHnsyi46qxA5AY1zpjXkj2xwzqgm0qeVzddGOBGsUYe_l5Boj5jWFgqZFJJBx_9dVkYT83Aw27VjVFInX5zAJHyPqvZXXRykKZedqQv8jABtNkH67MYdpCJ4Obrvl-GpM69ZKYdi3THMvysBnY6FgJoW8sdlFmZfFRCdUavLBXIrDdUCtw2_zA4ahKIQ-A6mtv6hBTl4FGmzhxAdkIuh_GuychnYLcoLZLsXswVKo11uHy1Soq1F-U3LQAUIswfhzzzzS4ETAjYHIqvKqyzW-Ei14qXoPeyMdYqUfoXgvI-A0wFbtKRVWo8iH1JvDWcK0p5n1gPHt7WySuKCUiVtmhbd_n2R4sa1XvPVVEh0GXiCLVHYc2yvACyJfNDMWEI8B1NBXTM_riuyyeoCuOy0EMU-uGIPEpoGrAl64bSEtTsoHHs1MploH0HlVo7SIcuEIhF5jJ841esQ6MC-RyVE3MWf1q9ARyg2g9YMxHymSfZWqremn7VALcGUa6_XCBeFBcx9uz_LIQhWfDL4VvegzwodNka08IZWCO7Dn48g5FVd4hdLqL9xJOteesV_bVN9dwCEyiaf6krthY359Nn893ZHluuP5HFlFRyc6d-ps0ZGW_n0ewXjTiL1kYAxjmr0I46byUZwSr8Cph7l9GD1zbzzLpnA7q8LPHSBn64xo3eqODZPCik9W9JG4j0PCETk5Ui49sgNV1y9aPURRi-E0ErV8DJLK_q9arEYPDrOrk55U0wa1R7teqP64bGuzgneTchmWeTbAf-lpXP_j97RMPa_FG1mulKte3bELnMj3pXD9ToNQYmwUV_yZeIsDyciI272Cd1GY0BrMbKXr2KmhYUHZrxOqW4FM5IL5JEUQM74s-pPvbVSnmoEY9xoU5C8988XsjBIsXeIQ7AJAO86CHxkLFCOa_neT_1J0DLAO1LNYvtn1n8tayU_4M7aJ9vlgPJjWpuM66Z7SIuR1VzMk9SKjEdmp7N4F6oQh6JwrJDtNGErgb8Xp7al71-_KZTJp1T_eKie_x1BkyPF4-yCoU3hkmAvjhDDAznZOOOCT9M2y_o_GbK6utpa1C2H9hGnF5ZQZMKiWz4ei1XhEwhz2dTMHm2AKiyBJ9HebQZBZ5Ib90yGermP1upKF_zG3dU0FlFLrv2QDlyCvjD0w7nQRjaPXdcDWoQWEA8jGly90C2lNGmA00JmIZ6-wQ5EGqbHbjvpjK1PkW_NaCQQ1nMdOYO8dmv9oNQhlf5y4JxhTaumIG4abvIYiN4QK&cid=CAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 13:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 13:40:29 GMT
rum
dsum-sec.casalemedia.com/ Frame EBF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNURSGm5UkYt0ga1SA6FfsYCTOftXO0bvMcFXBs8ibLkPyrcK-_b2nPIFnfeHfKx77F7JiTOd5GrZ5rOBs4ygAjq_bfHVah59tR_9nMCAddDKwgxTMVmSctLGwWkUVnn4PTPqjICWKN9VvJ1-bNcLZINm1Lb_K9Md_Tbr4UQo4YEpQM8NoY
Protocol
HTTP/1.1
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:09:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EBF1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjRMNukErPyztDBnYKzurgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNURSGm5UkYt0ga1SA6FfsYCTOftXO0bvMcFXBs8ibLkPyrcK-_b2nPIFnfeHfKx77F7JiTOd5GrZ5rOBs4ygAjq_bfHVah59tR_9nMCAddDKwgxTMVmSctLGwWkUVnn4PTPqjICWKN9VvJ1-bNcLZINm1Lb_K9Md_Tbr4UQo4YEpQM8NoY
Protocol
HTTP/1.1
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 18 Mar 2022 09:09:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4lfgPqd67rLFWaUcMnBSU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame EBF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNURSGm5UkYt0ga1SA6FfsYCTOftXO0bvMcFXBs8ibLkPyrcK-_b2nPIFnfeHfKx77F7JiTOd5GrZ5rOBs4ygAjq_bfHVah59tR_9nMCAddDKwgxTMVmSctLGwWkUVnn4PTPqjICWKN9VvJ1-bNcLZINm1Lb_K9Md_Tbr4UQo4YEpQM8NoY
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9b103d7c-d947-4f43-ac4c-428a85ccae94
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHbq5jtZLqtq5FTUZBYhHvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EBF1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNURSGm5UkYt0ga1SA6FfsYCTOftXO0bvMcFXBs8ibLkPyrcK-_b2nPIFnfeHfKx77F7JiTOd5GrZ5rOBs4ygAjq_bfHVah59tR_9nMCAddDKwgxTMVmSctLGwWkUVnn4PTPqjICWKN9VvJ1-bNcLZINm1Lb_K9Md_Tbr4UQo4YEpQM8NoY
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ea5f927-2937-4371-a167-892eaf2efefe
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAxNDA3ODYwOTcxMzA2NDgyMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 4DFA 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMSsKdDtwi7ATSUAwVDTv6_jOns2S_Xsc81aSbfPmWLoDzX6daVrdZMqPhv98wnTPYT1WikwoFLY3AZTD3JZYqDyQ_G0S89T9NhR1Xm3hbd9CJJjFVLkhfKl6vj03vz3F2SUXqKSnd8Q2ryioO391ttPGkmw&cry=1&dbm_d=AKAmf-Cs9zkDpZeI6I3fDfcQV_Wh9ETNKMHkDnTRHNDX083O44tZBYhJ0YndSZ7q1FUjznDjccM9xN-VIgtew-LKefc_b9_kOiB9xV1-Pyg7H25Vjg4gw8Ga9Vv5ymCkc-2O2qnGJ82K9d3sKu7FMVRicUcW3t_88wwiVWTBEg3oeVTwJkuJpa-F9Nh_tP6mbXMH4QCyM_vI1qg0VYLay1bcots-XUXxKP4yzM5tIFTSqbwN__isIHygt_4q7NlzJiF3kooIYtW1D1qsqKTUeuEcxh7oS-rz2P2YjvKlWuR0A56w9MwSDHZMPeEQBslJ9u0jqmkHYikQgz7cZJICIvLwbfNu1j4avs0NIQb9NEq6OyzTSeTGOl-bmGPMPLC_tp4i8mkYQoeYKLGGRlw4PH-2U4zINJvzqZRMkEECg2DIWGnzTX40h5vm7DR_vfHWaNv5pjN3HMDxw31IUVPwC7zwOh7tFJJdCN12IIqlny3-VhB3dy_PlIcHAhfrARtTxJN7UUDahNj3fQem9fpetgL2yE2gHQnwc9HqraxXNYBwQ-0LjW-eKUCepv_9eds2KqhVMTqqJToyinYYLVWstSWXvQ-y8gr4TcPKVWBKD0g5gAvAkjAs6XC1cQ6xWmlnwODqQfq5KOx3zmTXArnnPm0RNODpCwuPXlbEAztILbSMv4XskR2H13jhir4atR7oolhsRGTbQpWTGUobyBfIp5k_8VgTGRYrWzgxikeeqgknGN8He26Oge1WDkBOkvRlnrLArnI2XruFI6lraPY0BqzK6IToBAA3tmwBJPtgDaYdSKu4vI5UwnaWDFHQ-5SxEE6VUrZcpkVJoS2J9ufwS181TQIriBtPkg00X-oPXoLh2W5mWrCoLSa4mtBqU7IZ4m6osKj_9yLhs24wwyfI5DMTNjlP-oa8Ta-kl91ksi0kUDkwIyKzCQFLyIka4jcfcByGSeQ-_oWsDwX1OIhbdhBqAoYPMb7W7xh_qenZgDetMeYonz4OmVQPFuifcNKGF0tOImhKlVBZtVSqfRqrES2TaOXQz19XVf0hE9a-HxVOmZGpTAbBjC-0j6Lnt6shJjZ7F8BaTbROAQMY98WH9YYFGeMewD7ppECwdA79D0fj9PJSDnyl4hnC4WyLoAQsR9rNe6zWa2MqzVuT1ThVtd1tU-Y_7ldrSBSbgPA8pj8Q2Akm698cW2gI4Fp2k0_GYWt-SvO2FYjs9lz_O_Sdka1HENAS7GipGF-xf_SPaIJn9UYujgwmWGEyz44Z_mpTjJ7pJIitxJVjFrhmyJ-t1bqBnrV9lXulDTHoNgZeQx-STv4aAWiPASQsMw8UobTnU1tHufwaIYTEcvrQFXZo-TV3IqWKyovjsMu3bHwgD54NdNmKIgv8MsqySSATdNZcsWUvRmLfCbHRYpF0vy73Z-WhB90urYWC4q10SdC33JWTQcvHWsvjqCc9wp9DNtbPSrq9kvRhdl7dS5i_9tcZyAvU5gYVP0ExzqxbdhFTOur2oslwa7-r0DEr8Dr1Z7HeOnMqpYmqmqFvLO8Nefd1qpAMFVdGpDUkMoKrVnSA4ECWjuaPXeZveNMDmZ3zYWtcONP6hu0juhU8BDTJxoj5AWAXhdUE4I8nArGWrt3_29rOLC19WcnECpwVLNEgybQd_v9YXufppS7af7UIHb8ehr1XgYtnariOwgKCyYraPWNGT8ODCpCxMHCvG6Lq2-umPbkOS3TG9qywVyE8sQOyUL9raDIJsxHEU6-yJsOwZF29Xnl8t66gHkzARcuGp432oAe_teCQ50GAlT9pPUkQlTs_eTm_Q0U3R9ZZib_JyrcyF-e80z5lrsaJtnnUpgnWRqHXIvcm7MP54bkp0X3Tp-VEE-GCojttiD4tIZ496pn2lBk6r3ZcdZmNNH1z_6ozIg7TkTExKsHirXjwQxKO42TYeRJIHYBQ1GW6DgSToWloUzrasgqswkmEd1lT6uOgZlUli8FnPQESGSHzTkGJcidtjw1dF0DGmwUOe5iHlXv2tf6qbtDkJ1vqiLPNuSdhxbcCqWsosFAaGGB8W0fvoP6fkCS7yHKmp6lnmUrs1-nux9tpRgpa7mmDleX0rPaJ0c-84ZA52CWfSY81QOmS8p4cpiS-nykEqOzUAGdoU3AOScQmGc7hS6rcAODg0_tWefbhJmiSdaMGxwJh8SIr0gVbVP1yea6b7He6gDBNg0MPeNozGk0YjnSN7xaXoA3JA9QrAvR9aUGsXPAsgjTrdZX2eGi3ci8BWJVNDm17Vf4oIdCJApWII2ra-pT6BVPBGlwyYKvd1oP90I5zKc4tyk1UtqvOC6qsQ_OTIpPFvIAyHJNTZ-9l7AS7hAX5pjK6tV7lhIQYDPf0kCKynXGdkOS_UCBUi5AgNjvncquHR88iulFP9LzyJdhoqRh_UiOFMv8Z47CAtxy2TyFMvq11l8I3C3qKXL5cz5a-9fcOtqxgMQmfEtD5uLNW4aNrDGaRVH2hjRealfAvl-xKMB7MpzxyQm0xDVrmvEbaEc5GJ9rDPyAGKK0j-CE13i6ZOVlj74eMkQoa--O1mWH-vTtm7d1piMkfrp_4U9I7fa_Il1XMEYUa-IEUdCdp-DOqnoiIHsYNMz8oZI4uqnxq82c2MEiZPwTaMSvI8AlxYHzSxnfjVGwEFf_jnCgj0hHr5U1I1ZjdeUrzBHqOvHfdtPSpYF2W0oI3ueZsffLaeDja_4bYOHlY-5CPrAYrhf6PWyUvsE9rkDx88ibC87TydZHhMq_FMWLUzReV5OWPPDPywgBRu9bn1MKNUqBfABpk3vs8ca7OPKsgSus6OEvM-Z9G346Z826PGJ4UWnLKkyUdW_1iTy1dszrOMYI2bs4jXYwbaeyi6z6X7hL82HLah_C2o-jBfXZ-fN34Gmnc_wKRpunb9FykmG_-YLP4zym4Ot6Y1VB72SZ2hu7meHBR913M6dDDQBUQZZ-STMlB71BWzu6r8zxhM1vJFVvv5faeZaWXdb9eKlwZM3AgMK_9tSU96mXaa6Gf1iaoW-7flzWIQlGruWulYbuTBzhIr_dyelQna9cTYUJxFBLnSYM0SZ4csNg0L3gS3JwitHV6pepEzwLqZ_Ie78DtFECiARI_fV4F6Lvd-QPyLn1XDJSE-ggSrGyl_XldLgKmrEjOKrwV6DyfnUJnk5DlH6TyXOD9L4FKARVb5lUVbA0xfF0xWkDlvQSwK7nZD3i4LRHMsXk4Plrhw9nYr0Oh1zPUdHOaow8NpkxdOze7f_Uu&cid=CAASJ-RoiMA4Gq7ZesbX633eeUDYN3nOp9nBpbfEALaRQEYnM2Ymo_UuDg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 09:04:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4DFA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMSsKdDtwi7ATSUAwVDTv6_jOns2S_Xsc81aSbfPmWLoDzX6daVrdZMqPhv98wnTPYT1WikwoFLY3AZTD3JZYqDyQ_G0S89T9NhR1Xm3hbd9CJJjFVLkhfKl6vj03vz3F2SUXqKSnd8Q2ryioO391ttPGkmw&cry=1&dbm_d=AKAmf-Cs9zkDpZeI6I3fDfcQV_Wh9ETNKMHkDnTRHNDX083O44tZBYhJ0YndSZ7q1FUjznDjccM9xN-VIgtew-LKefc_b9_kOiB9xV1-Pyg7H25Vjg4gw8Ga9Vv5ymCkc-2O2qnGJ82K9d3sKu7FMVRicUcW3t_88wwiVWTBEg3oeVTwJkuJpa-F9Nh_tP6mbXMH4QCyM_vI1qg0VYLay1bcots-XUXxKP4yzM5tIFTSqbwN__isIHygt_4q7NlzJiF3kooIYtW1D1qsqKTUeuEcxh7oS-rz2P2YjvKlWuR0A56w9MwSDHZMPeEQBslJ9u0jqmkHYikQgz7cZJICIvLwbfNu1j4avs0NIQb9NEq6OyzTSeTGOl-bmGPMPLC_tp4i8mkYQoeYKLGGRlw4PH-2U4zINJvzqZRMkEECg2DIWGnzTX40h5vm7DR_vfHWaNv5pjN3HMDxw31IUVPwC7zwOh7tFJJdCN12IIqlny3-VhB3dy_PlIcHAhfrARtTxJN7UUDahNj3fQem9fpetgL2yE2gHQnwc9HqraxXNYBwQ-0LjW-eKUCepv_9eds2KqhVMTqqJToyinYYLVWstSWXvQ-y8gr4TcPKVWBKD0g5gAvAkjAs6XC1cQ6xWmlnwODqQfq5KOx3zmTXArnnPm0RNODpCwuPXlbEAztILbSMv4XskR2H13jhir4atR7oolhsRGTbQpWTGUobyBfIp5k_8VgTGRYrWzgxikeeqgknGN8He26Oge1WDkBOkvRlnrLArnI2XruFI6lraPY0BqzK6IToBAA3tmwBJPtgDaYdSKu4vI5UwnaWDFHQ-5SxEE6VUrZcpkVJoS2J9ufwS181TQIriBtPkg00X-oPXoLh2W5mWrCoLSa4mtBqU7IZ4m6osKj_9yLhs24wwyfI5DMTNjlP-oa8Ta-kl91ksi0kUDkwIyKzCQFLyIka4jcfcByGSeQ-_oWsDwX1OIhbdhBqAoYPMb7W7xh_qenZgDetMeYonz4OmVQPFuifcNKGF0tOImhKlVBZtVSqfRqrES2TaOXQz19XVf0hE9a-HxVOmZGpTAbBjC-0j6Lnt6shJjZ7F8BaTbROAQMY98WH9YYFGeMewD7ppECwdA79D0fj9PJSDnyl4hnC4WyLoAQsR9rNe6zWa2MqzVuT1ThVtd1tU-Y_7ldrSBSbgPA8pj8Q2Akm698cW2gI4Fp2k0_GYWt-SvO2FYjs9lz_O_Sdka1HENAS7GipGF-xf_SPaIJn9UYujgwmWGEyz44Z_mpTjJ7pJIitxJVjFrhmyJ-t1bqBnrV9lXulDTHoNgZeQx-STv4aAWiPASQsMw8UobTnU1tHufwaIYTEcvrQFXZo-TV3IqWKyovjsMu3bHwgD54NdNmKIgv8MsqySSATdNZcsWUvRmLfCbHRYpF0vy73Z-WhB90urYWC4q10SdC33JWTQcvHWsvjqCc9wp9DNtbPSrq9kvRhdl7dS5i_9tcZyAvU5gYVP0ExzqxbdhFTOur2oslwa7-r0DEr8Dr1Z7HeOnMqpYmqmqFvLO8Nefd1qpAMFVdGpDUkMoKrVnSA4ECWjuaPXeZveNMDmZ3zYWtcONP6hu0juhU8BDTJxoj5AWAXhdUE4I8nArGWrt3_29rOLC19WcnECpwVLNEgybQd_v9YXufppS7af7UIHb8ehr1XgYtnariOwgKCyYraPWNGT8ODCpCxMHCvG6Lq2-umPbkOS3TG9qywVyE8sQOyUL9raDIJsxHEU6-yJsOwZF29Xnl8t66gHkzARcuGp432oAe_teCQ50GAlT9pPUkQlTs_eTm_Q0U3R9ZZib_JyrcyF-e80z5lrsaJtnnUpgnWRqHXIvcm7MP54bkp0X3Tp-VEE-GCojttiD4tIZ496pn2lBk6r3ZcdZmNNH1z_6ozIg7TkTExKsHirXjwQxKO42TYeRJIHYBQ1GW6DgSToWloUzrasgqswkmEd1lT6uOgZlUli8FnPQESGSHzTkGJcidtjw1dF0DGmwUOe5iHlXv2tf6qbtDkJ1vqiLPNuSdhxbcCqWsosFAaGGB8W0fvoP6fkCS7yHKmp6lnmUrs1-nux9tpRgpa7mmDleX0rPaJ0c-84ZA52CWfSY81QOmS8p4cpiS-nykEqOzUAGdoU3AOScQmGc7hS6rcAODg0_tWefbhJmiSdaMGxwJh8SIr0gVbVP1yea6b7He6gDBNg0MPeNozGk0YjnSN7xaXoA3JA9QrAvR9aUGsXPAsgjTrdZX2eGi3ci8BWJVNDm17Vf4oIdCJApWII2ra-pT6BVPBGlwyYKvd1oP90I5zKc4tyk1UtqvOC6qsQ_OTIpPFvIAyHJNTZ-9l7AS7hAX5pjK6tV7lhIQYDPf0kCKynXGdkOS_UCBUi5AgNjvncquHR88iulFP9LzyJdhoqRh_UiOFMv8Z47CAtxy2TyFMvq11l8I3C3qKXL5cz5a-9fcOtqxgMQmfEtD5uLNW4aNrDGaRVH2hjRealfAvl-xKMB7MpzxyQm0xDVrmvEbaEc5GJ9rDPyAGKK0j-CE13i6ZOVlj74eMkQoa--O1mWH-vTtm7d1piMkfrp_4U9I7fa_Il1XMEYUa-IEUdCdp-DOqnoiIHsYNMz8oZI4uqnxq82c2MEiZPwTaMSvI8AlxYHzSxnfjVGwEFf_jnCgj0hHr5U1I1ZjdeUrzBHqOvHfdtPSpYF2W0oI3ueZsffLaeDja_4bYOHlY-5CPrAYrhf6PWyUvsE9rkDx88ibC87TydZHhMq_FMWLUzReV5OWPPDPywgBRu9bn1MKNUqBfABpk3vs8ca7OPKsgSus6OEvM-Z9G346Z826PGJ4UWnLKkyUdW_1iTy1dszrOMYI2bs4jXYwbaeyi6z6X7hL82HLah_C2o-jBfXZ-fN34Gmnc_wKRpunb9FykmG_-YLP4zym4Ot6Y1VB72SZ2hu7meHBR913M6dDDQBUQZZ-STMlB71BWzu6r8zxhM1vJFVvv5faeZaWXdb9eKlwZM3AgMK_9tSU96mXaa6Gf1iaoW-7flzWIQlGruWulYbuTBzhIr_dyelQna9cTYUJxFBLnSYM0SZ4csNg0L3gS3JwitHV6pepEzwLqZ_Ie78DtFECiARI_fV4F6Lvd-QPyLn1XDJSE-ggSrGyl_XldLgKmrEjOKrwV6DyfnUJnk5DlH6TyXOD9L4FKARVb5lUVbA0xfF0xWkDlvQSwK7nZD3i4LRHMsXk4Plrhw9nYr0Oh1zPUdHOaow8NpkxdOze7f_Uu&cid=CAASJ-RoiMA4Gq7ZesbX633eeUDYN3nOp9nBpbfEALaRQEYnM2Ymo_UuDg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 13:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 13:40:29 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 127A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
50963
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 127A 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
12337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 19 Mar 2022 05:43:34 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame F99A 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
135521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:30 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4CAF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Fri, 18 Mar 2022 09:09:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4CAF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
50963
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 18 Mar 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4CAF 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
12337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 19 Mar 2022 05:43:34 GMT
z9erfcgupzvd
hal9000.redintelligence.net/zone/ Frame 47A8 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/z9erfcgupzvd?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOWc2Nkw0YoWmCc74gAearbXQDbXN-YNX3Ny5q-UM8C4QASC52_MmYJXikIKgB8gBCakCozIxVt6Zsj6oAwGqBNEBT9CVSf3eBCPSAiDenf1DLNSXmC8xvYX7bX5NKmOqbF8YuCgFK-cgjz7RHOKbjxHQnxTnSLljqAAdRxKTqr7UkIyWHTl890ftDeOJBeS4MPq5cSs2FL05Uktrurbr0fECd-5NZJi6jgUF8-pTv_rlxGPgG7UitArXEbWnkEfgdICABFv5nLt1SOrfwuWboNvWnaSeh2b6MULqFiNGL5NVTf47xDbcqxZeSvQQkgXQ8POiyrHFLyC4PGhhjC4QY05q95oaEqfhjDOeRobeon5s8RLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw%26sig%3DAOD64_1V4zfGEzV6Qlq29o2Z79zAZdgFRQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DezRESCSB0gyJfBipKwZX2YPjpSKoK5IRDd7jFEMT2Zt-aiGGGadvNWX9Po0iq5rbjWzcEtrUXIZV52pG3rD_8W0Ocbnl4VqhDf17U1exNFuN2hqLHpy1sq5aiADKpzrDtV44zCots-IM0AXujSqt6xd7Ujw%26cry%3D1%26dbm_d%3DAKAmf-D20__uRhc-3PbzK_lKbgemsN-5vgNOIBsgzEPJntU5ZcErGrKqjTR2Z-3-6Bi0zq-6_HRd-2lwd68YscrILZ4MKXV6S7IhllTsCpJdq5XR_agI35bGmweKptKUSuine8Z4HpOJe-lEHT1aWX0f6bM7C6e7T8GS95iuPLQH9FLy61B7fnBsavjTTv4zNraM5j4Wtl7nHpXezB0ntHLC4XJYA8Sfn70llMMjGM98nxfCWDLZ97CKgu6UDeaQJmYXcdatCI2yq1cn94Py5LCGW012mYk3JTwev5XRFd9JGRJLkFwTJwNe2-k8cOzQ92Ouwkg2MsN0LI7g07CxCKWtz7WrpvFTR_CD9aA6d9ItfJiz-xRGzC5tbH3hcw5yaGPnrPExXtE8OBbkex6nJoa8FkY8R627BK0wR_fDozrU_Tvr0GoKCZjlSGlGnNzbZTbFq1jFUgJr7Tfvfb77RPIxw4m6TAPKBQ%26adurl%3D
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
203a41ccdf684d890e47e1d2a818ffd5796f05e8fb222d2328a092788bda722e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3944
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ Frame F99A 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 08:11:12 GMT
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame 44B9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM87tNkw0YvveCsmTgAeVmY5Qtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQKfSyAyV5myPqgDAaoE0AFP0I32Qq1qEQ7m_8NlG4gq7zP4jSBpWnI8O_xIEUZeHhRj0p5KVcCPI0_IgqTLTAza1kMoCT_wM1mOBCF-uHSM1sFiH_UAXV0b900-xufa5bhjp1SSDsj4pZ8vXtVmxuaN4JUg75Wn-ma7Fl269YPHDEl079XXjj2TYhbl2SM6rDmochY7SFNZEUITMHhf_BlGchBjFvvV_PH6Xkzyu4s9EgRmqkJ0VR8mWpkhIRolJDgtQ3ShmYb393_rACcCx6JUzLIN3sEEgR3sXYMPSXkHwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o%26sig%3DAOD64_1b-AZPCc2x9WnocHuqRy1QGLN3tQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CDNKb6BnXFEa1FSxWm4pNo1lHtR5UTE1DeMC7hWDGIAbMYygXo_zgnVpAspBmjsSUm1tHSm4O81cbJmEFuxP0eILeKdEZAfXteNDXbslVWLvja0zQ9d07nl7kgodXFFF0VSpHi50R7KTPK6KmnG2p9iG7KOw%26cry%3D1%26dbm_d%3DAKAmf-DC4K5bl471eLgqGYf5mDcu3OgCnApXWB8ExlM3bvh04Y0Dn7lGIdoiSm6S91rXS0kBwM7Dif83qG8uu3ON61b8sQNYbRdamVIrBAQdO2Qxecb0GGokZ4mt6N-kLwzA8v3Dx1GYLkValu60VdS3xeNWUxxaEgQyg7MW3LzMknEseTqnW_suSaEKt3wpoUwVnw_NcwS2oLzahLTxmA8i6HOzEz6FiNZeaCowT8zGc4iyQmpnjpsHLewOox9vK4gVDKDREgnSxJdpBiTkcTeJaO4QsOu75w_-qUVEF0b8K7GcMKqHWDtaxbRaQjIAYKSJyZtCjeG_nQxY9NDe-cjZVyhDUjxpq7WH_BQYBX6N3gvKqxWqVGlT1dZkquQEGLc_sYZ_1X1r2oaGbH2exWmPUmF5hKDNGrMyw8I2EtZ_kPXAQSQNYvq3DN6evJon3cRdf2UjmtHCoc4emyA0B_JrcQITwQIqpg%26adurl%3D
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
183b25bf57fb12969d0ade4c9573cb50bc2a7fc11f6df43212d2ed6382367196

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3946
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
collect
e.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:10 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
banner
ad13.adfarm1.adition.com/ Frame 4DFA 		568 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/banner?sid=4285695&adjsver=3&fvers=&iframe=1&ref=https%3A//nets4.com/&ro=https%3A//3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html%3Fn%3D1&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/99.0.4844.51%20Safari/537.36&os=17&browser=11&userid=0&kid=2954778&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCcxGLNkw0YvrqA5OPgAeHybOoA7WQ1%2DFo8Lz1t4IQ8C4QASC52%5FMmYJXikIKgB8gBCakCn0sgMleZsj6oAwGqBNEBT9CeN2lpGLGxiX8SO1%5FMvv9uL0P5fuXvE%2Dx3bjYkVg6%2DUMGkDu1GJ7Rvom35VSOz0EZkgMvM13KBBfNf1PzgoWK8FQpqV99JPIriOqHci0ZV791AhZ78zIO6AxOxyctTLolRkukE4PunxU%5FwD2pyIhjyljT1Yyr6ZCH07WB1XBk8idUTEendzKnxQCTwXNXh71ykXR2OvoQID1k3JMqRuksOf%5F5MNnhh4z1tBzxY%2DJTrTYwuWkxyZu2HK4DdeOatiBZ2mPjiWp0NKJGiDmB4rFjABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE92vsQ3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ%2DRoiMA4Gq7ZesbX633eeUDYN3nOp9nBpbfEALaRQEYnM2Ymo%5FUuDg%26sig%3DAOD64%5F2eHCstHqbR0M%5FC6%5FCRbc1zmWMp5Q%26client%3Dca%2Dpub%2D4903453974745530%26dbm%5Fc%3DAKAmf%2DDxvChgT377Det291mmFxZpbV1ElIfxrMtABKrVO2ty8rN7VtSnT%2DxKzKEJVKEy2ffYSrt%5F0w%2DZ3zRsHLPK0t5lHI3Rkhv7wq%2D%5FVa1dd3rrT9BoE0MsJD%2DS85ggw1f96WmP%5FjBpCOphHQXKgIPl2D8PRC7r2A%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBUJNF88RPTOR7KWdx8gb5AJfMaQKW%5FTLwVX2IKCxT6kJeQU2hyAenWxFzY%5FPW3EGHi2hEBSuS4X44tKr2C2toh47g6wGv6Cn99vAfQuZE6UuGXrdezo7rAzl0eiHwYBHK0Q9x1P87T2TUXdTvmlgIGv5IA38Yhihunv7ZayGrJ%5FK0Y0QugLWyq42AyM1F%2DwNC3gy%2DHEDe0kDiGtOA2x%5FwuObp72pwz6yDBiPbIOFApej%5FVKhBec7RJEVunsZpl2VdYFr0Y%5FdD8A4%5FWFLIBTTBUW3YwoGZ3cnrE4VI4LHvhkAEroR9X2vFXCjlPuGDu9GwVk4pefTEhCHikEDjE3L6zUGLHaFzG4aIoi3DEIVlxkUmVHk1MOh3smXyljgwCRGFSNXUDn3apJNHnKI0LjSav0RwhB8YyhadjwI4STXJv%2Dj8TsLcfzhaiqLwwedc4augGSI7Lnwfqaacsr%2DadGKJurDerLaE5%5FmXXIjJI3LqNWhieuAo%26adurl%3D
Requested by
Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285695&kid=2954778&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCcxGLNkw0YvrqA5OPgAeHybOoA7WQ1-Fo8Lz1t4IQ8C4QASC52_MmYJXikIKgB8gBCakCn0sgMleZsj6oAwGqBNEBT9CeN2lpGLGxiX8SO1_Mvv9uL0P5fuXvE-x3bjYkVg6-UMGkDu1GJ7Rvom35VSOz0EZkgMvM13KBBfNf1PzgoWK8FQpqV99JPIriOqHci0ZV791AhZ78zIO6AxOxyctTLolRkukE4PunxU_wD2pyIhjyljT1Yyr6ZCH07WB1XBk8idUTEendzKnxQCTwXNXh71ykXR2OvoQID1k3JMqRuksOf_5MNnhh4z1tBzxY-JTrTYwuWkxyZu2HK4DdeOatiBZ2mPjiWp0NKJGiDmB4rFjABPzkz5jSAuAEA5AGAaAGTYAHrKjLvQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE92vsQ3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoiMA4Gq7ZesbX633eeUDYN3nOp9nBpbfEALaRQEYnM2Ymo_UuDg%26sig%3DAOD64_2eHCstHqbR0M_C6_CRbc1zmWMp5Q%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DxvChgT377Det291mmFxZpbV1ElIfxrMtABKrVO2ty8rN7VtSnT-xKzKEJVKEy2ffYSrt_0w-Z3zRsHLPK0t5lHI3Rkhv7wq-_Va1dd3rrT9BoE0MsJD-S85ggw1f96WmP_jBpCOphHQXKgIPl2D8PRC7r2A%26cry%3D1%26dbm_d%3DAKAmf-BUJNF88RPTOR7KWdx8gb5AJfMaQKW_TLwVX2IKCxT6kJeQU2hyAenWxFzY_PW3EGHi2hEBSuS4X44tKr2C2toh47g6wGv6Cn99vAfQuZE6UuGXrdezo7rAzl0eiHwYBHK0Q9x1P87T2TUXdTvmlgIGv5IA38Yhihunv7ZayGrJ_K0Y0QugLWyq42AyM1F-wNC3gy-HEDe0kDiGtOA2x_wuObp72pwz6yDBiPbIOFApej_VKhBec7RJEVunsZpl2VdYFr0Y_dD8A4_WFLIBTTBUW3YwoGZ3cnrE4VI4LHvhkAEroR9X2vFXCjlPuGDu9GwVk4pefTEhCHikEDjE3L6zUGLHaFzG4aIoi3DEIVlxkUmVHk1MOh3smXyljgwCRGFSNXUDn3apJNHnKI0LjSav0RwhB8YyhadjwI4STXJv-j8TsLcfzhaiqLwwedc4augGSI7Lnwfqaacsr-adGKJurDerLaE5_mXXIjJI3LqNWhieuAo%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 10:09:11 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5C6F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Mar 2022 22:16:44 GMT
expires
Tue, 14 Mar 2023 22:16:44 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
298347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 419A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Mar 2022 22:16:44 GMT
expires
Tue, 14 Mar 2023 22:16:44 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
298347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 86CB 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?axat-g
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6564 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8diVKg
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
request.php
hal900016.redintelligence.net/ Frame 47A8
Redirect Chain
  • https://hal900016.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900016.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOWc2Nkw0YoWmCc74gAearbXQDbXN-YNX3Ny5q-UM8C4QASC52_MmYJXikIKgB8gBCakCozIxVt6Zsj6oAwGqBNEBT9CVSf3eBCPSAiDenf1DLNSXmC8xvYX7bX5NKmOqbF8YuCgFK-cgjz7RHOKbjxHQnxTnSLljqAAdRxKTqr7UkIyWHTl890ftDeOJBeS4MPq5cSs2FL05Uktrurbr0fECd-5NZJi6jgUF8-pTv_rlxGPgG7UitArXEbWnkEfgdICABFv5nLt1SOrfwuWboNvWnaSeh2b6MULqFiNGL5NVTf47xDbcqxZeSvQQkgXQ8POiyrHFLyC4PGhhjC4QY05q95oaEqfhjDOeRobeon5s8RLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw%26sig%3DAOD64_1V4zfGEzV6Qlq29o2Z79zAZdgFRQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DezRESCSB0gyJfBipKwZX2YPjpSKoK5IRDd7jFEMT2Zt-aiGGGadvNWX9Po0iq5rbjWzcEtrUXIZV52pG3rD_8W0Ocbnl4VqhDf17U1exNFuN2hqLHpy1sq5aiADKpzrDtV44zCots-IM0AXujSqt6xd7Ujw%26cry%3D1%26dbm_d%3DAKAmf-D20__uRhc-3PbzK_lKbgemsN-5vgNOIBsgzEPJntU5ZcErGrKqjTR2Z-3-6Bi0zq-6_HRd-2lwd68YscrILZ4MKXV6S7IhllTsCpJdq5XR_agI35bGmweKptKUSuine8Z4HpOJe-lEHT1aWX0f6bM7C6e7T8GS95iuPLQH9FLy61B7fnBsavjTTv4zNraM5j4Wtl7nHpXezB0ntHLC4XJYA8Sfn70llMMjGM98nxfCWDLZ97CKgu6UDeaQJmYXcdatCI2yq1cn94Py5LCGW012mYk3JTwev5XRFd9JGRJLkFwTJwNe2-k8cOzQ92Ouwkg2MsN0LI7g07CxCKWtz7WrpvFTR_CD9aA6d9ItfJiz-xRGzC5tbH3hcw5yaGPnrPExXtE8OBbkex6nJoa8FkY8R627BK0wR_fDozrU_Tvr0GoKCZjlSGlGnNzbZTbFq1jFUgJr7Tfvfb77RPIxw4m6TAPKBQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=453679453989&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
eea4cb9a75206593f5f9bf03b408b7caeedd8265cf93d82c76005606e3422f9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
35876600050325800710618011902016
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1260
Expires
Fri, 18 Mar 2022 09:09:11 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOWc2Nkw0YoWmCc74gAearbXQDbXN-YNX3Ny5q-UM8C4QASC52_MmYJXikIKgB8gBCakCozIxVt6Zsj6oAwGqBNEBT9CVSf3eBCPSAiDenf1DLNSXmC8xvYX7bX5NKmOqbF8YuCgFK-cgjz7RHOKbjxHQnxTnSLljqAAdRxKTqr7UkIyWHTl890ftDeOJBeS4MPq5cSs2FL05Uktrurbr0fECd-5NZJi6jgUF8-pTv_rlxGPgG7UitArXEbWnkEfgdICABFv5nLt1SOrfwuWboNvWnaSeh2b6MULqFiNGL5NVTf47xDbcqxZeSvQQkgXQ8POiyrHFLyC4PGhhjC4QY05q95oaEqfhjDOeRobeon5s8RLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw%26sig%3DAOD64_1V4zfGEzV6Qlq29o2Z79zAZdgFRQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DezRESCSB0gyJfBipKwZX2YPjpSKoK5IRDd7jFEMT2Zt-aiGGGadvNWX9Po0iq5rbjWzcEtrUXIZV52pG3rD_8W0Ocbnl4VqhDf17U1exNFuN2hqLHpy1sq5aiADKpzrDtV44zCots-IM0AXujSqt6xd7Ujw%26cry%3D1%26dbm_d%3DAKAmf-D20__uRhc-3PbzK_lKbgemsN-5vgNOIBsgzEPJntU5ZcErGrKqjTR2Z-3-6Bi0zq-6_HRd-2lwd68YscrILZ4MKXV6S7IhllTsCpJdq5XR_agI35bGmweKptKUSuine8Z4HpOJe-lEHT1aWX0f6bM7C6e7T8GS95iuPLQH9FLy61B7fnBsavjTTv4zNraM5j4Wtl7nHpXezB0ntHLC4XJYA8Sfn70llMMjGM98nxfCWDLZ97CKgu6UDeaQJmYXcdatCI2yq1cn94Py5LCGW012mYk3JTwev5XRFd9JGRJLkFwTJwNe2-k8cOzQ92Ouwkg2MsN0LI7g07CxCKWtz7WrpvFTR_CD9aA6d9ItfJiz-xRGzC5tbH3hcw5yaGPnrPExXtE8OBbkex6nJoa8FkY8R627BK0wR_fDozrU_Tvr0GoKCZjlSGlGnNzbZTbFq1jFUgJr7Tfvfb77RPIxw4m6TAPKBQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=453679453989&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Fri, 18 Mar 2022 09:09:11 +0100
request.php
hal90002.redintelligence.net/ Frame 44B9
Redirect Chain
  • https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM87tNkw0YvveCsmTgAeVmY5Qtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQKfSyAyV5myPqgDAaoE0AFP0I32Qq1qEQ7m_8NlG4gq7zP4jSBpWnI8O_xIEUZeHhRj0p5KVcCPI0_IgqTLTAza1kMoCT_wM1mOBCF-uHSM1sFiH_UAXV0b900-xufa5bhjp1SSDsj4pZ8vXtVmxuaN4JUg75Wn-ma7Fl269YPHDEl079XXjj2TYhbl2SM6rDmochY7SFNZEUITMHhf_BlGchBjFvvV_PH6Xkzyu4s9EgRmqkJ0VR8mWpkhIRolJDgtQ3ShmYb393_rACcCx6JUzLIN3sEEgR3sXYMPSXkHwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o%26sig%3DAOD64_1b-AZPCc2x9WnocHuqRy1QGLN3tQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CDNKb6BnXFEa1FSxWm4pNo1lHtR5UTE1DeMC7hWDGIAbMYygXo_zgnVpAspBmjsSUm1tHSm4O81cbJmEFuxP0eILeKdEZAfXteNDXbslVWLvja0zQ9d07nl7kgodXFFF0VSpHi50R7KTPK6KmnG2p9iG7KOw%26cry%3D1%26dbm_d%3DAKAmf-DC4K5bl471eLgqGYf5mDcu3OgCnApXWB8ExlM3bvh04Y0Dn7lGIdoiSm6S91rXS0kBwM7Dif83qG8uu3ON61b8sQNYbRdamVIrBAQdO2Qxecb0GGokZ4mt6N-kLwzA8v3Dx1GYLkValu60VdS3xeNWUxxaEgQyg7MW3LzMknEseTqnW_suSaEKt3wpoUwVnw_NcwS2oLzahLTxmA8i6HOzEz6FiNZeaCowT8zGc4iyQmpnjpsHLewOox9vK4gVDKDREgnSxJdpBiTkcTeJaO4QsOu75w_-qUVEF0b8K7GcMKqHWDtaxbRaQjIAYKSJyZtCjeG_nQxY9NDe-cjZVyhDUjxpq7WH_BQYBX6N3gvKqxWqVGlT1dZkquQEGLc_sYZ_1X1r2oaGbH2exWmPUmF5hKDNGrMyw8I2EtZ_kPXAQSQNYvq3DN6evJon3cRdf2UjmtHCoc4emyA0B_JrcQITwQIqpg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5367116263432&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
914707f6dc852c7d541f23431fff882539fbef2caff1e08a4a3df8bf5199bc7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
48553400055944800710612011902002
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1258
Expires
Fri, 18 Mar 2022 09:09:11 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM87tNkw0YvveCsmTgAeVmY5Qtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQKfSyAyV5myPqgDAaoE0AFP0I32Qq1qEQ7m_8NlG4gq7zP4jSBpWnI8O_xIEUZeHhRj0p5KVcCPI0_IgqTLTAza1kMoCT_wM1mOBCF-uHSM1sFiH_UAXV0b900-xufa5bhjp1SSDsj4pZ8vXtVmxuaN4JUg75Wn-ma7Fl269YPHDEl079XXjj2TYhbl2SM6rDmochY7SFNZEUITMHhf_BlGchBjFvvV_PH6Xkzyu4s9EgRmqkJ0VR8mWpkhIRolJDgtQ3ShmYb393_rACcCx6JUzLIN3sEEgR3sXYMPSXkHwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o%26sig%3DAOD64_1b-AZPCc2x9WnocHuqRy1QGLN3tQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CDNKb6BnXFEa1FSxWm4pNo1lHtR5UTE1DeMC7hWDGIAbMYygXo_zgnVpAspBmjsSUm1tHSm4O81cbJmEFuxP0eILeKdEZAfXteNDXbslVWLvja0zQ9d07nl7kgodXFFF0VSpHi50R7KTPK6KmnG2p9iG7KOw%26cry%3D1%26dbm_d%3DAKAmf-DC4K5bl471eLgqGYf5mDcu3OgCnApXWB8ExlM3bvh04Y0Dn7lGIdoiSm6S91rXS0kBwM7Dif83qG8uu3ON61b8sQNYbRdamVIrBAQdO2Qxecb0GGokZ4mt6N-kLwzA8v3Dx1GYLkValu60VdS3xeNWUxxaEgQyg7MW3LzMknEseTqnW_suSaEKt3wpoUwVnw_NcwS2oLzahLTxmA8i6HOzEz6FiNZeaCowT8zGc4iyQmpnjpsHLewOox9vK4gVDKDREgnSxJdpBiTkcTeJaO4QsOu75w_-qUVEF0b8K7GcMKqHWDtaxbRaQjIAYKSJyZtCjeG_nQxY9NDe-cjZVyhDUjxpq7WH_BQYBX6N3gvKqxWqVGlT1dZkquQEGLc_sYZ_1X1r2oaGbH2exWmPUmF5hKDNGrMyw8I2EtZ_kPXAQSQNYvq3DN6evJon3cRdf2UjmtHCoc4emyA0B_JrcQITwQIqpg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5367116263432&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Fri, 18 Mar 2022 09:09:11 +0100
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DA75 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Mar 2022 22:16:44 GMT
expires
Tue, 14 Mar 2023 22:16:44 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
298347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 615F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bOYnKA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
0s3p1fkb96mt
ad.ad-srv.net/zone/ Frame 4DFA 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/zone/0s3p1fkb96mt?subid=&redirectClick=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
2ddbc6648170c24f69bc79f9de24470caebf8899b875220a4f91f9100252216f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2658
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
integrator.js
adservice.google.de/adsid/ Frame F99A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F99A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F99A 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=865432815434499&correlator=1268261424272233&eid=31065546%2C31065691%2C31065713%2C31063246%2C31065657&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizes&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=1&adks=2992467494&sfv=1-0-38&ecs=20220318&fsapi=false&eri=4&sc=1&cookie=ID%3Db81b0705607d37e8%3AT%3D1647594550%3AS%3DALNI_MZzcpFenwuYQRKXNc3zcMPI9rkQmw&abxe=1&dt=1647594550786&dlt=1647594550207&idt=554&biw=1600&bih=1200&isw=345&ish=85&adxs=1244&adys=1121&oid=2&ucis=rb1fpmalk296&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Fleutholdgroup.com&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=345x0&msz=345x0&fws=256&ohw=0&ea=0&ga_vid=1625617818.1647594547&ga_sid=1647594551&ga_hid=630490927&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ed8ada861f725adb0c33cc05e91a1208bdf4d728d7877fa4d6c9a69b16799dd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11201
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B25 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 18 Mar 2022 09:09:11 GMT
expires
Sat, 18 Mar 2023 09:09:11 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 8AB0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5h6cew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 16E9 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?r7-4Yg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
request.php
ad4.ad-srv.net/ Frame 4DFA
Redirect Chain
  • https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...
  • https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=20183412367&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6667f0adee46c37d5ea132b6daa8669147202932bffa494a9b7b80236b0664a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
30285800057875300383828011902004
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1021
Expires
Fri, 18 Mar 2022 09:09:11 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=20183412367&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Fri, 18 Mar 2022 09:09:11 +0100
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 5C6F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame 419A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
view.aspx
pb.media01.eu/ Frame C463
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=35876600050325800710618011902016&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=35876600050325800710618011902016&actionid=981741&produktid=&dt_url=
0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=35876600050325800710618011902016&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOWc2Nkw0YoWmCc74gAearbXQDbXN-YNX3Ny5q-UM8C4QASC52_MmYJXikIKgB8gBCakCozIxVt6Zsj6oAwGqBNEBT9CVSf3eBCPSAiDenf1DLNSXmC8xvYX7bX5NKmOqbF8YuCgFK-cgjz7RHOKbjxHQnxTnSLljqAAdRxKTqr7UkIyWHTl890ftDeOJBeS4MPq5cSs2FL05Uktrurbr0fECd-5NZJi6jgUF8-pTv_rlxGPgG7UitArXEbWnkEfgdICABFv5nLt1SOrfwuWboNvWnaSeh2b6MULqFiNGL5NVTf47xDbcqxZeSvQQkgXQ8POiyrHFLyC4PGhhjC4QY05q95oaEqfhjDOeRobeon5s8RLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw%26sig%3DAOD64_1V4zfGEzV6Qlq29o2Z79zAZdgFRQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DezRESCSB0gyJfBipKwZX2YPjpSKoK5IRDd7jFEMT2Zt-aiGGGadvNWX9Po0iq5rbjWzcEtrUXIZV52pG3rD_8W0Ocbnl4VqhDf17U1exNFuN2hqLHpy1sq5aiADKpzrDtV44zCots-IM0AXujSqt6xd7Ujw%26cry%3D1%26dbm_d%3DAKAmf-D20__uRhc-3PbzK_lKbgemsN-5vgNOIBsgzEPJntU5ZcErGrKqjTR2Z-3-6Bi0zq-6_HRd-2lwd68YscrILZ4MKXV6S7IhllTsCpJdq5XR_agI35bGmweKptKUSuine8Z4HpOJe-lEHT1aWX0f6bM7C6e7T8GS95iuPLQH9FLy61B7fnBsavjTTv4zNraM5j4Wtl7nHpXezB0ntHLC4XJYA8Sfn70llMMjGM98nxfCWDLZ97CKgu6UDeaQJmYXcdatCI2yq1cn94Py5LCGW012mYk3JTwev5XRFd9JGRJLkFwTJwNe2-k8cOzQ92Ouwkg2MsN0LI7g07CxCKWtz7WrpvFTR_CD9aA6d9ItfJiz-xRGzC5tbH3hcw5yaGPnrPExXtE8OBbkex6nJoa8FkY8R627BK0wR_fDozrU_Tvr0GoKCZjlSGlGnNzbZTbFq1jFUgJr7Tfvfb77RPIxw4m6TAPKBQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=453679453989&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 18 Mar 2022 10:09:11 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Fri, 18 Mar 2022 09:09:11 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=35876600050325800710618011902016&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA2:CC32_91EFC182:01BB_62344C37_ED27000:F724
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 4745
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=35876600050325800710618011902016&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
914 B
889 B 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOWc2Nkw0YoWmCc74gAearbXQDbXN-YNX3Ny5q-UM8C4QASC52_MmYJXikIKgB8gBCakCozIxVt6Zsj6oAwGqBNEBT9CVSf3eBCPSAiDenf1DLNSXmC8xvYX7bX5NKmOqbF8YuCgFK-cgjz7RHOKbjxHQnxTnSLljqAAdRxKTqr7UkIyWHTl890ftDeOJBeS4MPq5cSs2FL05Uktrurbr0fECd-5NZJi6jgUF8-pTv_rlxGPgG7UitArXEbWnkEfgdICABFv5nLt1SOrfwuWboNvWnaSeh2b6MULqFiNGL5NVTf47xDbcqxZeSvQQkgXQ8POiyrHFLyC4PGhhjC4QY05q95oaEqfhjDOeRobeon5s8RLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw%26sig%3DAOD64_1V4zfGEzV6Qlq29o2Z79zAZdgFRQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DezRESCSB0gyJfBipKwZX2YPjpSKoK5IRDd7jFEMT2Zt-aiGGGadvNWX9Po0iq5rbjWzcEtrUXIZV52pG3rD_8W0Ocbnl4VqhDf17U1exNFuN2hqLHpy1sq5aiADKpzrDtV44zCots-IM0AXujSqt6xd7Ujw%26cry%3D1%26dbm_d%3DAKAmf-D20__uRhc-3PbzK_lKbgemsN-5vgNOIBsgzEPJntU5ZcErGrKqjTR2Z-3-6Bi0zq-6_HRd-2lwd68YscrILZ4MKXV6S7IhllTsCpJdq5XR_agI35bGmweKptKUSuine8Z4HpOJe-lEHT1aWX0f6bM7C6e7T8GS95iuPLQH9FLy61B7fnBsavjTTv4zNraM5j4Wtl7nHpXezB0ntHLC4XJYA8Sfn70llMMjGM98nxfCWDLZ97CKgu6UDeaQJmYXcdatCI2yq1cn94Py5LCGW012mYk3JTwev5XRFd9JGRJLkFwTJwNe2-k8cOzQ92Ouwkg2MsN0LI7g07CxCKWtz7WrpvFTR_CD9aA6d9ItfJiz-xRGzC5tbH3hcw5yaGPnrPExXtE8OBbkex6nJoa8FkY8R627BK0wR_fDozrU_Tvr0GoKCZjlSGlGnNzbZTbFq1jFUgJr7Tfvfb77RPIxw4m6TAPKBQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=453679453989&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b5a5cf013d2f1e5dfba8726b1bada98e1a64fc6f474dbf4626a6d00aa08e3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
content-type
text/html
last-modified
Fri, 18 Mar 2022 05:01:15 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6edcd3fd6c039073-FRA
content-encoding
br

Redirect headers

server
nginx
date
Fri, 18 Mar 2022 09:09:11 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
12
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 47A8 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3392355&wgcampaignid=99582&viewref=35876600050325800710618011902016&js=1&nw=1
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
8e2034b83fe2035bc11d9d4e045fd4a35dcef4f167e31bd7b65cc28609a68d6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Last-Modified
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123
5994599.fls.doubleclick.net/ Frame 66D2
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123?
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f6.1e100.net
Software
cafe /
Resource Hash
a1a02a00dbf09585a63e2c69399e6ac66f348bab8d3fbc503604275407f81302
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 18 Mar 2022 09:09:11 GMT
expires
Fri, 18 Mar 2022 09:09:11 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 18 Mar 2022 09:09:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900016.redintelligence.net/ Frame 95E6 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/request_content.php?s=35876600050325800710618011902016&a=d68f1981
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=z9erfcgupzvd&nw=20&renderingType=javascript&namespace=cb6a9ba40f&subid=&uid=bcab8d9060e6410e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOWc2Nkw0YoWmCc74gAearbXQDbXN-YNX3Ny5q-UM8C4QASC52_MmYJXikIKgB8gBCakCozIxVt6Zsj6oAwGqBNEBT9CVSf3eBCPSAiDenf1DLNSXmC8xvYX7bX5NKmOqbF8YuCgFK-cgjz7RHOKbjxHQnxTnSLljqAAdRxKTqr7UkIyWHTl890ftDeOJBeS4MPq5cSs2FL05Uktrurbr0fECd-5NZJi6jgUF8-pTv_rlxGPgG7UitArXEbWnkEfgdICABFv5nLt1SOrfwuWboNvWnaSeh2b6MULqFiNGL5NVTf47xDbcqxZeSvQQkgXQ8POiyrHFLyC4PGhhjC4QY05q95oaEqfhjDOeRobeon5s8RLABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-Rozu1EzLzdGNepuHKdbE_JeAXPws0padine7PY0x-D07w02ux8tw%26sig%3DAOD64_1V4zfGEzV6Qlq29o2Z79zAZdgFRQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-DezRESCSB0gyJfBipKwZX2YPjpSKoK5IRDd7jFEMT2Zt-aiGGGadvNWX9Po0iq5rbjWzcEtrUXIZV52pG3rD_8W0Ocbnl4VqhDf17U1exNFuN2hqLHpy1sq5aiADKpzrDtV44zCots-IM0AXujSqt6xd7Ujw%26cry%3D1%26dbm_d%3DAKAmf-D20__uRhc-3PbzK_lKbgemsN-5vgNOIBsgzEPJntU5ZcErGrKqjTR2Z-3-6Bi0zq-6_HRd-2lwd68YscrILZ4MKXV6S7IhllTsCpJdq5XR_agI35bGmweKptKUSuine8Z4HpOJe-lEHT1aWX0f6bM7C6e7T8GS95iuPLQH9FLy61B7fnBsavjTTv4zNraM5j4Wtl7nHpXezB0ntHLC4XJYA8Sfn70llMMjGM98nxfCWDLZ97CKgu6UDeaQJmYXcdatCI2yq1cn94Py5LCGW012mYk3JTwev5XRFd9JGRJLkFwTJwNe2-k8cOzQ92Ouwkg2MsN0LI7g07CxCKWtz7WrpvFTR_CD9aA6d9ItfJiz-xRGzC5tbH3hcw5yaGPnrPExXtE8OBbkex6nJoa8FkY8R627BK0wR_fDozrU_Tvr0GoKCZjlSGlGnNzbZTbFq1jFUgJr7Tfvfb77RPIxw4m6TAPKBQ%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=453679453989&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
05698e666feea4141eda8861dbed5f02de73eea5c43cd58b68c6fde1902f5909

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Fri, 18 Mar 2022 09:09:11 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2086
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 47A8
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=35876600050325800710618011902016
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=35876600050325800710618011902016
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:14:44 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA2:CC4E_91EFC182:01BB_62344C37_ECE3B17:F726
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame DA75 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
view.aspx
pb.media01.eu/ Frame EA7A
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=48553400055944800710612011902002&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48553400055944800710612011902002&actionid=981741&produktid=&dt_url=
0
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48553400055944800710612011902002&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM87tNkw0YvveCsmTgAeVmY5Qtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQKfSyAyV5myPqgDAaoE0AFP0I32Qq1qEQ7m_8NlG4gq7zP4jSBpWnI8O_xIEUZeHhRj0p5KVcCPI0_IgqTLTAza1kMoCT_wM1mOBCF-uHSM1sFiH_UAXV0b900-xufa5bhjp1SSDsj4pZ8vXtVmxuaN4JUg75Wn-ma7Fl269YPHDEl079XXjj2TYhbl2SM6rDmochY7SFNZEUITMHhf_BlGchBjFvvV_PH6Xkzyu4s9EgRmqkJ0VR8mWpkhIRolJDgtQ3ShmYb393_rACcCx6JUzLIN3sEEgR3sXYMPSXkHwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o%26sig%3DAOD64_1b-AZPCc2x9WnocHuqRy1QGLN3tQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CDNKb6BnXFEa1FSxWm4pNo1lHtR5UTE1DeMC7hWDGIAbMYygXo_zgnVpAspBmjsSUm1tHSm4O81cbJmEFuxP0eILeKdEZAfXteNDXbslVWLvja0zQ9d07nl7kgodXFFF0VSpHi50R7KTPK6KmnG2p9iG7KOw%26cry%3D1%26dbm_d%3DAKAmf-DC4K5bl471eLgqGYf5mDcu3OgCnApXWB8ExlM3bvh04Y0Dn7lGIdoiSm6S91rXS0kBwM7Dif83qG8uu3ON61b8sQNYbRdamVIrBAQdO2Qxecb0GGokZ4mt6N-kLwzA8v3Dx1GYLkValu60VdS3xeNWUxxaEgQyg7MW3LzMknEseTqnW_suSaEKt3wpoUwVnw_NcwS2oLzahLTxmA8i6HOzEz6FiNZeaCowT8zGc4iyQmpnjpsHLewOox9vK4gVDKDREgnSxJdpBiTkcTeJaO4QsOu75w_-qUVEF0b8K7GcMKqHWDtaxbRaQjIAYKSJyZtCjeG_nQxY9NDe-cjZVyhDUjxpq7WH_BQYBX6N3gvKqxWqVGlT1dZkquQEGLc_sYZ_1X1r2oaGbH2exWmPUmF5hKDNGrMyw8I2EtZ_kPXAQSQNYvq3DN6evJon3cRdf2UjmtHCoc4emyA0B_JrcQITwQIqpg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5367116263432&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 18 Mar 2022 10:09:11 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Fri, 18 Mar 2022 09:09:11 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48553400055944800710612011902002&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA2:CC34_91EFC182:01BB_62344C37_ECE8350:F723
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
index2.html
singles.parship.de/lp/v00/6/U/htlp/ Frame 1286
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=48553400055944800710612011902002&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
914 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM87tNkw0YvveCsmTgAeVmY5Qtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQKfSyAyV5myPqgDAaoE0AFP0I32Qq1qEQ7m_8NlG4gq7zP4jSBpWnI8O_xIEUZeHhRj0p5KVcCPI0_IgqTLTAza1kMoCT_wM1mOBCF-uHSM1sFiH_UAXV0b900-xufa5bhjp1SSDsj4pZ8vXtVmxuaN4JUg75Wn-ma7Fl269YPHDEl079XXjj2TYhbl2SM6rDmochY7SFNZEUITMHhf_BlGchBjFvvV_PH6Xkzyu4s9EgRmqkJ0VR8mWpkhIRolJDgtQ3ShmYb393_rACcCx6JUzLIN3sEEgR3sXYMPSXkHwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o%26sig%3DAOD64_1b-AZPCc2x9WnocHuqRy1QGLN3tQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CDNKb6BnXFEa1FSxWm4pNo1lHtR5UTE1DeMC7hWDGIAbMYygXo_zgnVpAspBmjsSUm1tHSm4O81cbJmEFuxP0eILeKdEZAfXteNDXbslVWLvja0zQ9d07nl7kgodXFFF0VSpHi50R7KTPK6KmnG2p9iG7KOw%26cry%3D1%26dbm_d%3DAKAmf-DC4K5bl471eLgqGYf5mDcu3OgCnApXWB8ExlM3bvh04Y0Dn7lGIdoiSm6S91rXS0kBwM7Dif83qG8uu3ON61b8sQNYbRdamVIrBAQdO2Qxecb0GGokZ4mt6N-kLwzA8v3Dx1GYLkValu60VdS3xeNWUxxaEgQyg7MW3LzMknEseTqnW_suSaEKt3wpoUwVnw_NcwS2oLzahLTxmA8i6HOzEz6FiNZeaCowT8zGc4iyQmpnjpsHLewOox9vK4gVDKDREgnSxJdpBiTkcTeJaO4QsOu75w_-qUVEF0b8K7GcMKqHWDtaxbRaQjIAYKSJyZtCjeG_nQxY9NDe-cjZVyhDUjxpq7WH_BQYBX6N3gvKqxWqVGlT1dZkquQEGLc_sYZ_1X1r2oaGbH2exWmPUmF5hKDNGrMyw8I2EtZ_kPXAQSQNYvq3DN6evJon3cRdf2UjmtHCoc4emyA0B_JrcQITwQIqpg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5367116263432&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae4f6f19ebf0fe64e1884d4c2a9e2f0b55a9adf3b7d4812e495eee912e674fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
content-type
text/html
last-modified
Fri, 18 Mar 2022 05:01:15 GMT
vary
Accept-Encoding,User-Agent
p3p
CP="ALL CUR OUR STP UNI PUR"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
6edcd3fd6c019073-FRA
content-encoding
br

Redirect headers

server
nginx
date
Fri, 18 Mar 2022 09:09:11 GMT
content-type
text/html; charset=UTF-8
location
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id
12
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
link.html
track.webgains.com/ Frame 44B9 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3392355&wgcampaignid=99582&viewref=48553400055944800710612011902002&js=1&nw=1
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
df1f6edd81b5305bee042a161a3edadb02004e56e6a502a27e16d6d7b801307e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:11 GMT
Last-Modified
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93
5994599.fls.doubleclick.net/ Frame 6AC4
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93?
390 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93?
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f6.1e100.net
Software
cafe /
Resource Hash
1ccc978bb2448b541e6d6f0910fe04085775e365066f64e04fb89155329513ba
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 18 Mar 2022 09:09:11 GMT
expires
Fri, 18 Mar 2022 09:09:11 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 18 Mar 2022 09:09:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90002.redintelligence.net/ Frame 9C7F 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request_content.php?s=48553400055944800710612011902002&a=4bd912d5
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0d89f4fe2a&subid=&uid=c70e96fa7f8f504b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM87tNkw0YvveCsmTgAeVmY5Qtc35g1f82Lmr5QzwLhABILnb8yZgleKQgqAHyAEJqQKfSyAyV5myPqgDAaoE0AFP0I32Qq1qEQ7m_8NlG4gq7zP4jSBpWnI8O_xIEUZeHhRj0p5KVcCPI0_IgqTLTAza1kMoCT_wM1mOBCF-uHSM1sFiH_UAXV0b900-xufa5bhjp1SSDsj4pZ8vXtVmxuaN4JUg75Wn-ma7Fl269YPHDEl079XXjj2TYhbl2SM6rDmochY7SFNZEUITMHhf_BlGchBjFvvV_PH6Xkzyu4s9EgRmqkJ0VR8mWpkhIRolJDgtQ3ShmYb393_rACcCx6JUzLIN3sEEgR3sXYMPSXkHwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASKORoJK0HTIGv_asUdWsu1jtoSq2OzvEvP7Eko61IxgmVpLn3C0O6g0o%26sig%3DAOD64_1b-AZPCc2x9WnocHuqRy1QGLN3tQ%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CDNKb6BnXFEa1FSxWm4pNo1lHtR5UTE1DeMC7hWDGIAbMYygXo_zgnVpAspBmjsSUm1tHSm4O81cbJmEFuxP0eILeKdEZAfXteNDXbslVWLvja0zQ9d07nl7kgodXFFF0VSpHi50R7KTPK6KmnG2p9iG7KOw%26cry%3D1%26dbm_d%3DAKAmf-DC4K5bl471eLgqGYf5mDcu3OgCnApXWB8ExlM3bvh04Y0Dn7lGIdoiSm6S91rXS0kBwM7Dif83qG8uu3ON61b8sQNYbRdamVIrBAQdO2Qxecb0GGokZ4mt6N-kLwzA8v3Dx1GYLkValu60VdS3xeNWUxxaEgQyg7MW3LzMknEseTqnW_suSaEKt3wpoUwVnw_NcwS2oLzahLTxmA8i6HOzEz6FiNZeaCowT8zGc4iyQmpnjpsHLewOox9vK4gVDKDREgnSxJdpBiTkcTeJaO4QsOu75w_-qUVEF0b8K7GcMKqHWDtaxbRaQjIAYKSJyZtCjeG_nQxY9NDe-cjZVyhDUjxpq7WH_BQYBX6N3gvKqxWqVGlT1dZkquQEGLc_sYZ_1X1r2oaGbH2exWmPUmF5hKDNGrMyw8I2EtZ_kPXAQSQNYvq3DN6evJon3cRdf2UjmtHCoc4emyA0B_JrcQITwQIqpg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=5367116263432&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
5f421490054afa02ee3a18e487916a9cb4ebee503795c9f4cb0cfcc4e35ecc17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Fri, 18 Mar 2022 09:09:11 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2108
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 44B9
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48553400055944800710612011902002
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48553400055944800710612011902002
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:14:44 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA2:CC4C_91EFC182:01BB_62344C37_F01B8C9:7DE0
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
truncated
/ Frame 47A8 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
217b774718ca377eedbf47a6a03210d442587f50ca0281853142fc117886e508

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame F99A 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21c5c97e6d7b8e46a5780762fc3927cca03dd56dd48c232b12cb1d0403d96e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10602
x-xss-protection
0
truncated
/ Frame 44B9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8af43a127053904d4757cec4c36ca2e914e4770a4cf49c156ed362ede0018c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 95E6 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=35876600050325800710618011902016&a=d68f1981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 08:09:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:09:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:09:11 GMT
/
hal9000.redintelligence.net/scale/ Frame 95E6 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=35876600050325800710618011902016&a=d68f1981
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
9f739a294f0255440cbc0812e6976d9d5954f4b44e163226be40988f2513a3cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
27152
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 95E6 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninicomics-banner-2021-1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=35876600050325800710618011902016&a=d68f1981
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
9bddb1ebe3d389a5253245dabc7166a3c974d5755d9b61db7be13ea14c54228e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25259
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 95E6 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=35876600050325800710618011902016&a=d68f1981
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
de0188a1d2a5b54c336ce0772427428c1eedbe113fe9335bea342b847c7a0840

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
11190
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 9C7F 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=48553400055944800710612011902002&a=4bd912d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 09:06:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Mar 2022 09:09:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Mar 2022 09:09:11 GMT
/
hal9000.redintelligence.net/scale/ Frame 9C7F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=48553400055944800710612011902002&a=4bd912d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
3c591e1a048af530d3d2eec93997876897263786d4f781d03363778f19d85b52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16248
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9C7F 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninicomics-banner-2021-1200x627.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=48553400055944800710612011902002&a=4bd912d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
facfbf9359f6c19a90ed98e2582a1679945a3ffcd4280b4d2044d6f29d8c0f9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15705
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9C7F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=48553400055944800710612011902002&a=4bd912d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
8e254991935fb6da8e83f827cb212fe4f205fc74c04bf7c9656140eea0bb72c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7154
Vary
Accept-Encoding
Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F99A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:11 GMT
ztpv.php
www.conrad.de/ Frame 1494
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&pref1=30285800057875300383828011902004
  • https://www.zenaps.com/cshow.php?pvr=1373a350-a69b-11ec-8df2-22307a82f47e&v=11354&r=473322&q=371931&s=2470208&viewref=30285800057875300383828011902004&pv=1
  • https://www.conrad.de/ztpv.php?awc=11354_473322_1647594551_1373a350-a69b-11ec-8df2-22307a82f47e&insert=AW
0
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.de/ztpv.php?awc=11354_473322_1647594551_1373a350-a69b-11ec-8df2-22307a82f47e&insert=AW
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=20183412367&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
content-type
text/html; charset=UTF-8
server-timing
intid;desc=68c56472a80c5ef6
cache-control
no-cache
expires
-1
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
676201898
age
0
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
6edcd3fdbf959049-FRA
content-encoding
br

Redirect headers

Content-Length
0
Location
https://www.conrad.de/ztpv.php?awc=11354_473322_1647594551_1373a350-a69b-11ec-8df2-22307a82f47e&insert=AW
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Fri, 18 Mar 2022 09:09:11 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
view.aspx
www.media01.eu/ Frame 85B0
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2840009&v=20646&q=409071&r=473322&pv=1&pref1=30285800057875300383828011902004
  • https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1647594551_1373ca62-a69b-11ec-8df2-22307a82f47e&d...
0
904 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1647594551_1373ca62-a69b-11ec-8df2-22307a82f47e&dt_mode=iframe&dt_url=
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=20183412367&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.10.231.200 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
85-10-231-200.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/

Response headers

cache-control
private
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 18 Mar 2022 10:09:11 GMT
server
Microsoft-IIS/10.0
p3p
policyref="http://www.media01.eu/www.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Fri, 18 Mar 2022 09:09:10 GMT
content-length
0

Redirect headers

Content-Length
0
Location
https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_473322_1647594551_1373ca62-a69b-11ec-8df2-22307a82f47e&dt_mode=iframe&dt_url=
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Fri, 18 Mar 2022 09:09:11 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
up_loader.1.1.0.js
js.adsrvr.org/ Frame 4DFA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=20183412367&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 06:00:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
11309
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P2
X-Amz-Cf-Id
bjaGW1-B4Z4o0IioJKYv6jBa6CWk2geMdOWf_xTRQjZ8l7FkTXct_Q==
pixel_loader.js
static2.creative-serving.com/ Frame 4DFA 		527 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/pixel_loader.js
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request.php?zone=0s3p1fkb96mt&nw=11&renderingType=javascript&namespace=1266e51a76&subid=&uid=0bc789d28d05c645&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=20183412367&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 21:32:00 GMT
server
UploadServer
etag
"68faa1738e44f8aabb6f53cba51f29d3"
x-hw
1647594551.cds257.am5.hn,1647594551.cds278.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
container.html
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 82D2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js?cb=31065691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:09:11 GMT
expires
Sat, 18 Mar 2023 09:09:11 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/252864ceec6719f7c7974b84a40d42d6:920191e0e789588dc7fc4c1413c19862f1ff8ce1ba4580b2e75617b7c45bbca0121800c6abb2aab6c0b05303b1c2c6c21e34ec44e640d0537b9e2f8bcd8e87a89bffc75bcb33b9e... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/252864ceec6719f7c7974b84a40d42d6:920191e0e789588dc7fc4c1413c19862f1ff8ce1ba4580b2e75617b7c45bbca0121800c6abb2aab6c0b05303b1c2c6c21e34ec44e640d0537b9e2f8bcd8e87a89bffc75bcb33b9e76a2860a40450cb3ec6a0339116230f3e39d0e17806e8e87d/i?id=95871e6e-4c4f-4fc0-8edc-baf15a8a6494&ts=1647594551142
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:11 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
6af83c13-2db5-4042-bd66-c24ab51f8479
i
api.purpleads.io/x/a/252864ceec6719f7c7974b84a40d42d6:920191e0e789588dc7fc4c1413c19862f1ff8ce1ba4580b2e75617b7c45bbca0121800c6abb2aab6c0b05303b1c2c6c21e34ec44e640d0537b9e2f8bcd8e87a89bffc75bcb33b9e... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/252864ceec6719f7c7974b84a40d42d6:920191e0e789588dc7fc4c1413c19862f1ff8ce1ba4580b2e75617b7c45bbca0121800c6abb2aab6c0b05303b1c2c6c21e34ec44e640d0537b9e2f8bcd8e87a89bffc75bcb33b9e76a2860a40450cb3ec6a0339116230f3e39d0e17806e8e87d/i?id=95871e6e-4c4f-4fc0-8edc-baf15a8a6494&ts=1647594551142
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.45.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-45-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2xldXRob2xkZ3JvdXAuY29t
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:12 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
5548bf98-0afd-439f-b157-52c30c83173a
viewability
hal900016.redintelligence.net/ Frame 95E6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900016.redintelligence.net/viewability?s=35876600050325800710618011902016&a=305cb224&vb=m
Requested by
Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=35876600050325800710618011902016&a=d68f1981
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900016.redintelligence.net/request_content.php?s=35876600050325800710618011902016&a=d68f1981
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal90002.redintelligence.net/ Frame 9C7F 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=48553400055944800710612011902002&a=3794a9b6&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=48553400055944800710612011902002&a=4bd912d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=48553400055944800710612011902002&a=4bd912d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 95E6 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900016.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 18:04:09 GMT
x-content-type-options
nosniff
age
140702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:37:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 18:04:09 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 95E6 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900016.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 18:03:30 GMT
x-content-type-options
nosniff
age
140741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 18:03:30 GMT
dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123
adservice.google.com/ddm/fls/z/ Frame 66D2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNq-9P-nz_YCFYe1UQodgYMHPQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5786061077602.123?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93
adservice.google.com/ddm/fls/z/ Frame 6AC4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNy_9P-nz_YCFdcfBgAdkOUFYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4916198884665.93?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.js
static2.creative-serving.com/ Frame 4DFA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/pixel.js
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/pixel_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
df16ae2f3f4c003e55aa93796b78c0ab73e0155ae32bea72cee59d1e0832f92d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 21:32:00 GMT
server
UploadServer
etag
"ddebe66232ec2ff147a8664e2ecc6e4f"
x-hw
1647594552.cds257.am5.hn,1647594552.cds241.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1505
request_content.php
ad4.ad-srv.net/ Frame 8D92 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7a2aa72385c5a0e04a630caced45946f1b088fd25ed2e8d2d20b433a0ff78010

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/

Response headers

Date
Fri, 18 Mar 2022 09:09:11 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Fri, 18 Mar 2022 09:09:11 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1469
Connection
close
Content-Type
text/html; charset=utf-8
pvClk.min.js
analytics.webgains.io/ Frame 44B9 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392355&wgcampaignid=99582&viewref=48553400055944800710612011902002&js=1&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
15366
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 18 Mar 2022 04:53:07 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
s-TjlIGW2driCZ4pTDUPXqRz9KKRM-fzMqMApJMFJi8T6Y4xfj-TYg==
link.html
track.webgains.com/ Frame 44B9 		160 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=58734200044511700710776011902001&wglinkid=3392355
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:12 GMT
Last-Modified
Fri, 18 Mar 2022 09:09:12 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
160
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 47A8 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392355&wgcampaignid=99582&viewref=35876600050325800710618011902016&js=1&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
15366
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 18 Mar 2022 04:53:07 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
AHgfq2mKFSMMDIOmYMfUDdaRVcITKFLSQP2EBVMxxCL62riL16KImg==
link.html
track.webgains.com/ Frame 47A8 		160 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=73121800048579001051022011902017&wglinkid=3392355
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:12 GMT
Last-Modified
Fri, 18 Mar 2022 09:09:12 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
160
Expires
Mon, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB17 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 09:06:19 GMT
expires
Sat, 18 Mar 2023 09:06:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3C29 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ddb52f35a558633a1535db760684258e4c8cd7cc6426b9e360ee1b3c6bdb9192
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T+VBZWP4QYF6+IrlqhaBmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 18 Mar 2022 09:09:11 GMT
date
Fri, 18 Mar 2022 09:09:11 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-T+VBZWP4QYF6+IrlqhaBmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4DFA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdafcb5007554b002dbce6dc38c9a3b8fbff17241ccc799393c46cbff9fb71b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 82D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkXl6N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPMBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZTb3OKdbVJzWsv12lkdt-brj_90fsWBiDjrU7D7Mw4w6Z_CNK-yw4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00OTAzNDUzOTc0NzQ1NTMwGIu5dw&sigh=UPL6_mdlmw4&uach_m=[UACH]&cid=CAQSPACNIrLMd0VkSkovM9gu6vFFOqU2CyHh5y3s2oqLX4WY47IQJAQnRXH4GjO-0Xqdm-0E-wroRAtelleVoRgB
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 82D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jra62pmx1n9v7kk39ce215dtvp91ewndencgd5n5wxbc3jfhgc7nsazw8ybw4r4zqv0gcyp04wmq1xpr0v41ytbfetd4e2e8rrg1feam2b4rvp7p32f1rwn7zjvb40z23y6nvrkvehmx9w7gacxscqhsaj6pjz9gvjt7jzhaqy187x58bedv3kbjtje6kpcgbzxfbbb89kgpqr7skm1q3xwn7fhaep2a46r33kp4bz6ajzb87hanynxh9mnqvap4n2qjm9y8n7eyztgvzrds7kxfefd223nawbz1r23t4zcbdcpq1f2ff76hgw23rcy6ybxh9ahsz6sq7g97kp7gpdn9ybswwk1y0cvfqkbdm1vj88fwgzzaq87c7k4xbw79y8y92sg5ymtbva790g80f3s4zhat&b=YjRMNwAH7o0K4E5OAALPPVN9HXarAnQ8Dc5GaA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Mar 2022 09:09:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 695D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hc7cq76mcmvxdj4f74vwdpswctv13j70d7x3vqbvy0yxjz6a9cvmymz0mw72y6ba4svq6xvr2xmvsxke06sk0smdt1t2ddbtxgg8myqbzf6hatttarffp5yyp7grgahxvdt2w33xsj56pr0xnfcwhyc5zmpg55gntggaaef1bsmx383e1nm7mzeky0jj51k6w35pkqns9gn4e9fbvn3g6s8racpcxk6sp657gatk0w98b8bvxw2x5a4takh8ypw8bvjsnzf3kszy77h26jegtm7g5yffzttvn6hj91mykrqtkmcaz3xttdk6jf9hjd13wvd5zbp9rahwv5xrr1jg3x4ax9kc55m59cgw63h3gsbvdq5az9esnzq0a0g6cejw62q0g5rgwzjr8afx30ndr9jxw0xqpyshxq86s4qcnnfpg6vcwjky&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%26client%3Dca-pub-4903453974745530%26adurl%3D
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d65322106d550b40dab4d275ecdd4aaaa6d141ab0ac7d2b88ba5898f899c362
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6edcd3fe5f60928d-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 82D2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 08:59:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BA1D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 17 Mar 2022 13:26:12 GMT
expires
Fri, 18 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
70980
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 82D2 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Mar 2022 09:09:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 82D2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 09:04:15 GMT
l
www.google.com/ads/measurement/ Frame 82D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHdILQIMgwCBpz9TBlwjEDWpQJhiFGntZ3TIv_29Jmr0z9npQyEwi5h3zRtGfF4oCOUV_aX5m0qOOVG0FOXoQDbTkZ4g
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 82D2 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:52:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 08:52:01 GMT
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 1286 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
61945
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6edcd3ff1de49073-FRA
expires
Fri, 18 Mar 2022 15:53:52 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 1286 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9007a72d0fa0a45bdb1ba8527cdfe7122636a3ae014d75d32ece4de4efea45b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
61945
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Feb 2022 09:22:00 GMT
server
cloudflare
etag
W/"61fcf038-7633"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6edcd3ff1de69073-FRA
expires
Fri, 18 Mar 2022 15:51:45 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 1286 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6edcd3ff5fe09b67-FRA
easter_234x60
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame 8D92
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pref1=30285800057875300383828011902004
  • https://www.zenaps.com/cshow.php?pvr=13acb4b0-a69b-11ec-8df2-22307a82f47e&v=11354&r=473322&q=371931&s=2470208&viewref=30285800057875300383828011902004
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_234x60?format=gif
23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_234x60?format=gif
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
Protocol
H2
Server
178.79.242.245 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-245.fra.llnw.net
Software
Cliplister GmbH /
Resource Hash
0a6eb59d917d4c2852928a6bc19602dd38d138efd77400de2a30e188b189be3e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad4.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
etag
"622f390c-5c3e"
last-modified
Mon, 14 Mar 2022 12:46:04 GMT
server
Cliplister GmbH
age
160696
date
Fri, 18 Mar 2022 09:09:12 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=172800
x-server
c10
reporting
eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjdjd25kV2ZqX3l6Vjh5Z2ZnX2d3NVNZQVQiLCJ1dWlkIjoiMWJhOGZhMGQ3NGQyNGEyODgwOGFiMWQ1NGIxNzdmYmEiLCJhc3NldHR5cGUiOiJwaWN0dXJlIn0=
x-llid
504f7bf3d2bd2ae6328d08196d02f01d
content-length
23614
accept-ranges
bytes
expires
Fri, 18 Mar 2022 12:30:56 GMT

Redirect headers

Date
Fri, 18 Mar 2022 09:09:12 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://asset.conrad.com/media10/isa/160267/c1/-/de/easter_234x60?format=gif
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
69250fcfc588cf5d8ffbc24dca91a6f6
pv.medialead.de/trck/epv/ Frame 8D92 		959 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6?subid=30285800057875300383828011902004&ctrack=https%3A%2F%2Fad4.ad-srv.net%2Fc%2Fc0abnamr1d1w5p6%3Ftprde%3D
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
44d02966c48f3bcd4ab06ce723d752fd3f176bf4a5ecc55386c03c64357495b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad4.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:12 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA2:CC4C_91EFC182:01BB_62344C38_F01B90A:7DE0
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=utf-8
Cache-control
private
Keep-Alive
timeout=20
Content-Length
959
Proxy-Host
pv.medialead.de
STIHL-Logo_234x60.png
cdn.ad-sun.de/STIHL/Werbemittel/Logo/ Frame 8D92
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2840009&v=20646&q=409071&r=473322&pref1=30285800057875300383828011902004
  • https://cdn.ad-sun.de/STIHL/Werbemittel/Logo/STIHL-Logo_234x60.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad-sun.de/STIHL/Werbemittel/Logo/STIHL-Logo_234x60.png
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
Protocol
HTTP/1.1
Server
164.132.182.207 , France, ASN16276 (OVH, FR),
Reverse DNS
ip207.ip-164-132-182.eu
Software
Apache /
Resource Hash
e9059db18be75224b6baf75f105c9a7569b5c65dadea74f6d0afc3c7f7bceba5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad4.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:12 GMT
Last-Modified
Fri, 19 Mar 2021 16:19:17 GMT
Server
Apache
ETag
"e59-5bde613ec479c"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3673

Redirect headers

Date
Fri, 18 Mar 2022 09:09:12 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://cdn.ad-sun.de/STIHL/Werbemittel/Logo/STIHL-Logo_234x60.png
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
peg_logger.js
singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 4745 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
61945
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 12:23:02 GMT
server
cloudflare
etag
W/"61e6b126-2ebe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6edcd3ff2dfa9073-FRA
expires
Fri, 18 Mar 2022 15:53:52 GMT
pegtracking_combined.js
singles.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 4745 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9007a72d0fa0a45bdb1ba8527cdfe7122636a3ae014d75d32ece4de4efea45b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
61945
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Feb 2022 09:22:00 GMT
server
cloudflare
etag
W/"61fcf038-7633"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
cf-ray
6edcd3ff2dfb9073-FRA
expires
Fri, 18 Mar 2022 15:51:45 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 4745 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
Origin
https://singles.parship.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6edcd3ff780a9b67-FRA
viewability
ad4.ad-srv.net/ Frame 8D92 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.ad-srv.net/viewability?s=30285800057875300383828011902004&a=f5ba1f2d&vb=m
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:12 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
triple_layout3_animiert.gif
cdn.contentspread.net/kupona/creatives/ Frame 8D92 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/kupona/creatives/triple_layout3_animiert.gif
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21037.dus4.fastwebserver.de
Software
nginx /
Resource Hash
5d8e1362d3d67ed6e74c3104f3ab8609d179081387ea36e71940914a86350f7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad4.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:12 GMT
Last-Modified
Fri, 27 May 2011 12:36:57 GMT
Server
nginx
ETag
"4ddf9ae9-21b3"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
8627
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC4A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031501&jk=879657133458274&bg=!y8ilyIzNAAba2mK92to7ACkAdvg8WvpZ7M6fJlaJqXDSQatUxPFbTz1jVG_gZOUTnPmbYgkUnJmkQgIAAAN5UgAAAAJoAQcKAC-RihTsSmpOyB21RfkIvGvrT3VhBGqijoXvF_o45ZmCmSSC6G9cD36SFYRckWGjCpkC7Hs_DPWIb11fK2FVTwnc0shZJ_90UfOVNOg5k2aM0wu2yo7lOpTYQnGMOC_OPQ5T9wM_dnX2FgYpvQtIHMnEmbMdEve8HC8c0ogDBLkI-nVAr7ESLPQ5p395FZbvjxLcJdeVXaeUFp1uymE2El2Xkfm3CmfbStFe1jN1EQWlLOHtwGp9hSTRtnbyr3yQbdfpcUetd9e5jX74p0UjyU21Fgsjs9RXHgdMyshCQsj443QqgEswq0FvclTpQX_bVsQxMTlXQ08jaGY-409KsTYJX6eHWuN9mWaNadkXhBryW18iM-66THQr0YjXBbbshAs6awMzTd6702E6R6ktkctHpNhb4BfUfhTyEGE1Ia8NuuwzvaoF7AtSkeQ-d9DwcDl1KemQ0HXiusAC_CBp9iyJggn23GCFkhDs23DgWXnzxKLxofF2CdUysfZE85Osqo4ln8T0nR3cDuf8hGq2qeZQg5BUCegaeJwqEuGo5DY1Qg8HXxvDiiqWqSkvCB-Czez4bqRBh21FbfCZQ_xxDmDi8EjR-grc4R0c932DPDs6ilZnQ0DUZ9axZYo5dc5lZjCF56D_STuPuko93wXCPKX3TLR4nlVKlc2lQoSdcWYQFm5jnCgmd-qMgCoiXUT7q-b17eCUn8pTvXs51pOcZMDeqlVlmKK_jOnxlcmw-3bJB1kv6w2wGQQYqHdrCphVWTut2UMgriZzCwYxECr2n28F9q0jxgKNlxIxYvLJFGMURArgEHacOJ5fk7yrRGUG9F5bLwcGbRn-FVcH6qp1iidGc3w61hdgNd_tD7Aa78nyJEE3LkeZvuQsUm5i0ETSTw4M18uNV9iQ5Nb4qGeZGooA3rXW5Bv_jZUy6QOBsXdO5T81emdDOqY4ehexcCWMIM8qt2o8Bnlyf6ZcP-6NhIoIBRbtfJ6Yz878R-h1s4kViOdLdKGRm4eCNxNtZ0quMF0yMHSbI5aw2nxEMhbHTTRLvrQfCMMeibkaX5_cXQs
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 290E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=964791577107972&bg=!6uml6a3NAAba2mK92to7ACkAdvg8Wqgdc_znKlHbrtDFTv6Bsk_bs-J7wtmmY9xyIxFqg4RMmq1XfAIAAANkUgAAAAJoAQcKAHjDSIuqdwopl2ZV_NBUXpIwMLOQ1VVvW1iLd62UfGMJ_Pl-sW1dzOixpLJeCBukwB24qZ8M_Hak4fmqtS0LsHFckUOdwVF3TBJzMJV39mCg4hnp7Y8kVJsEintb5sUqN2xTwQPOzyccI2AEdQidToQ8FYUyoy6rn6OZAtDM7W7uOAVBCYbFErojMV07Yn-GiP-f7ab2tI-wMAIcmq_-VEU93Zp3z84dD9bLQIyHy0m-BvYUPrFQaXDKVmQ62zzcHeqdlH-Z4zRxENlTq-_-m7vp3cM0eQREDPu7Wi_GGElSNIaG5zDF-Td-sxYFjzyDBHzduKGqDUYvXi1M87uWQx1cQdcyEURafE7bvnutUrWzhm4hLhfmM7ShovPDti_OPJHKdGm54ry-bh07GejxtqdI5X1fiRSouELxvaoww96Cf61VRsX2ac5auRkq2kC_66ISBPn5KRDgb27anHZo4YYpXlNFs3UftYMMjRvnmoHq9J3GZc90O7zoy2I7OlJuWoM97_y8Kczr6UTZqq_dugRdYdSSYQPhEctmZYXlu74tK7lpOo35i-7YtW_oE8-PE6H6hNzDG1yWVWUN_YggIFVLhBOfhKUXBurvt0dybHAu1DPxNxN9u66FmhfMrZOygtaE7HZroRoX8fKz8Ru3TWnxbBo4ouP7nH7glunoWRKT8IdmKcdi_QVqD991AX6tsaNqvgJHJbkii59eWuiXNhSCCR-CagBVFUPwHghLK0nm5trrN6VBkW0AnlxU5EIgFkCyVWcdjYSVmIKUogtwdLdqLqfA6SJS3rLGLi3mnbjXR5q4H_RkoV1Y9J8as140hTnbXF4Bf-IFTLmjE6StEtSmVKgkYxySNUqWh3koQPq2fDJL6INR795aPHhyYHW-Ey0kyWpyZDnwO6rpwt-E4UtPIiJD3P8FUEC-qBcwmmYO49YXURirqrwKal3n0JKGBMV89Kt8DzQx2RqNYB4ysGBZ36lZrOMj49LVWAEJ2-reDRe8x2SwjJTuuPIpaRvATWdjHfKdazjz2q6CSKDceKCpVGF7Ry-ygmhlHMtuq92khuVr1Eik1r17iZd0bwjbpXNYCIBlGPmaSYK9R23lfohHZddzEBojDa-sue8
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDA7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=2785580687016835&bg=!8_Cl8LTNAAba2mK92to7ACkAdvg8WhwLLDdOV3-DysM9fILEKj-jB3eWevPs-hfUYL78hqaMB1MPTAIAAANNUgAAAANoAQeZAufItTHDngfbkWPWhneS_z7BfA0Fou1LX-TLTlWjteb8bPdRW9Yy0SjdZUF04IJ43rDfMdr6vfqp1vHQwuPL-SOkeDVAP4CFKT4VvzFMrVuVXSHHftjbWZLaIuq5_7t0azZTc426sIIskTjpjg5cd42GqWySGHN0ZvuYmCnsJ06WtH1Cn-nENzSJAteNuWiYibruZeNNYZNmXp7Mis3Q3NhakRp7E0HtA1PXDkbczVl8kEpae-h7H9El1ajdbt2rs8ruVfKSydvMRrdVpgC54IhnHKZLI1Y5aDNKO9b6IFvfR9v8FJqE6M8_k9ZNJ-bgBN5XEeMasnzGRTEKm4YBEAfbJzIbdErIYPxDtDOmO8etbkQaFg32Ery4ItjeYBfrhlMDeeWJp8h6mnzz0MAO4lyhk8kWk1RtFOiTn0FYYqjkhwspG0YPHr5cis72MyjotLhrCLsSqdrufo4DL5eefHulEC3hrZCI6H1zi27Xsjo8Ma2EpZt9Pe7wVDHtvISDiEU4ilq0ozMCPkC8kP08O0ENcl0xisgZaIgoaF3QZ8mGfNe5Tr0LOQp7gN68FN-5vWU3UNZUSLCQ2JS662g1EpKP1_tzvaW_Cq6t1bUB7uf5U8zsVc-Ssg0WXb2X9E6efnADMXxUcRymrzs11aDG65SzoUkMTFKIdyzEQ72-wbP9tePLQRO6GwOA7BYKeX-CeOi_eVgRED-Wvfi_Lq5LuMslOCXXHy0FEMsqyTYUoi0hmYGtJbuHB25ePET2bGBTRWhYiTXVdLgpQzuOn8--e1hAWve6kntpODjP43Jw497hQDdeqLFD4hBxscS1p-w7QDnDFvSh6T3ehRh_RTWoGF6eM1TclaeRpNyg45rmBb2dzP6QTd2M_J6Pcg8UGW4emwBDrSSJ1gnf3CEAsR-9CFJFC3TAwqwNDiEzozcn7G6p_9bs1M6SuTs_sNPL_pEB6yPsh_heCq2P3tgktojS0jWHIemC6HqHTA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/leutholdgroup.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D4CD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=3180398423031205&bg=!np2lndnNAAba2mK92to7ACkAdvg8Wi77cJH9qJR2oDY2ZDEkUbtVitWTcFiLLY2lrk6RiGFmCP8qBQIAAALUUgAAAANoAQcKALS5amTupRGO77qqDUjKShuzjvG7it7AyGbDtFGdVNne5TIzjTWR0Fw7Cp1mOa1cDwPm9vKfq6YVspo382QFYKgUAuLOkFgDH8O0pdZC8HzpHuHn31OZKWf3LZCu3aAJ9qTIuBp8IAMDqF6uU6R9dQBQtk9Eq-LFYpdsqaKfeg3TDOEc4aWpW6K6k1KdCl1pgBCMVV9njagUWyasIbw1HvJucVqPMEhfXuz7FpHnqAT6qmIH7CuZAtviAv0opuL_DPASy7nd7PRu9I-QlS2qsynT__8eqvtjbdqMN7oOd89jY-rnYXZ5qCJG3Ae5YWAoApfUqdDaVetIOhLKyA-Fa0Xp5tS2DS7_opmRlrTf1ZQMgGBmb5bHFq7o2Wo5iBOKKd7HNWGoB-NO0OkZRC75x8xslaNUMQuHUSKYjV4TID5KJstxFMBPrF25k5WSyIgG4cishaYlVLRhTrBNiiTcyuPr3DCodiBRoI3ZD5-XfJIjKFoEio5rlkZ1DQNpxH8jTTKYIoBzGD4p0nw12aIO2zHSM3HRIOkNACA2YmT1gBL2LIFpZLJ7MKGdTl88uRb8qKQmrCpYaxJJXZzpujm9WRctG2FOqYJnLEAaNEcs7be0AnwzJY15rObj0gsmESfkW-lWKfT5WZFvofiRJphcyPuSB_mLzupnW9ay2WzCSuG8rxbs8w_5-t29ZIEyl_eqpxqZwoGR6isYiOpQZD2QLF-lZMUHmqDCHeUsuqq0EbQLO_2-pQA810BZdD3ms7U7XHVMjpsNf99kfAafB8PqwIKf0wBeVE0k3n_wKVRYyzhd1JR9xJU_GVVg2flArX6DuDktHdGDyddhrTdVqzdPZ77LGrZPyyzS-DiVQDhYqWp_A8oYWLa8YuVzdYvyfLtvsFhUBEluoqKB0T1KyiGZO5GriDS3YARQ_0qHP0S3QOZn4RFJ7YNC8RZpT94b066FF01AvMBgdH7L7Rysu5yavVoRf04M9QE0-TiyBdYN-ZtY2V-liHCVfk24JilO0C6cjSXTYHxU2A_nzkyBnXX1-WRwafCZ6MKPW5b-en41blHvuHsbwTz44LrdcCNIlPkj-23BmOl0dqk77Z1f9_aLoVkiQo7VOM_VCtAETraq8GkixY9lqDL4AppcSfvU3sUUV8TeANmOxX0KnwM8BbKIGheCZCxOvf1etlfzEvR9iWDJOZwClI5fopHLrsToNB2HUaZS0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C322 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=1453899319088291&bg=!4OOl46fNAAba2mK92to7ACkAdvg8WhFtuK4osmv0jcvxTx8JJPYPmpOI9H6Z-O-WzIojKOlyyEXmYwIAAAMSUgAAAANoAQeZAwDUKYQUvX-HN3wn8KPegQSYhVl98rWVsY0Vz5iEcYA89VUhVtA4xpV2H41s-cDNItxrhApSvSCfMQZ52dIh2wPdhoVz_cJqGPFLPwXR22zshs7ZDNFmfOYYJpFSUznFiRJadPYvHHK4Y-tTpLz5BPUv5MEk4bkwZ84GFn5gD99lScdt2uREf-B1Qm0FVL1et2Se4TSZXZ4qBzZKbUY9gpWv-2rUdTCK4PFs-mmFTDezGPZxxij5XN1O8bUJchj9qpkC8wjuN_2csynCju-pO1qMIxSXFM533_TDjZ3HvEdH_Ph1mDWYm8B9gIo6rA4XxHGdWBrpz-jr-6wYFI9qOJlEgTEwPRcxDS3discTONQ-xRCQFGjaSF5S3JklhhtXer-10m5AUIS1IZzg-DvKlB_One444pZ1S9wDz_4NMYwKj1KKDhlBv3rwptlWp1zVHj5pblOZFt1S6uKG6mnkd6vpTLpx6HNWEnaoFaXfTHEAf8i1q5hY0u-m2fxQF5EboSZa0sdYanG_YMPOx6peB7efAL8rWJpHTx-fcfOWvBzUppB7qysRyEFbaiMl37X2EWxrpQjlScE7dcOX_Pj6HbibZOV1iliyFzILXOGu6rFw764huuIqn2lDrOLIeOz_YDq17Jnjm8w_87B82MuPbtQ-DdIva6x_cxQNUg50T9KdjmlJrEMB2KRsH2RMR9Zcw0dvWQbS8BHZqmBTJ5WgFXRcCdOZcPUV2nKjqb1De4FUbvZsJvALPG4VZVPc7PeKiLWEZK95CoK_DX9O6yf2mXdtcaQbras2S7IkTZy0Bi-AS7z9Hw0QEGV2H6g_XTmOKy7oXaGBtr6D8EYlvPD7ND7rZn8sFkXPn5DGKyD9LIl73IRgNa96Ybb7HpoyKB4HMAfNZJVUFe-8esma_w2rBTrn_9jD0-ylZdTlayI6lLh0TsVuKZUJjs_1Z_YG3V5D3P_WpusbqYDEoD_g2BySAlj1NzUY0zgy94LZDcCS_m2GfL0iLPjFJlydkMPj-tOjtqE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 695D 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hc7cq76mcmvxdj4f74vwdpswctv13j70d7x3vqbvy0yxjz6a9cvmymz0mw72y6ba4svq6xvr2xmvsxke06sk0smdt1t2ddbtxgg8myqbzf6hatttarffp5yyp7grgahxvdt2w33xsj56pr0xnfcwhyc5zmpg55gntggaaef1bsmx383e1nm7mzeky0jj51k6w35pkqns9gn4e9fbvn3g6s8racpcxk6sp657gatk0w98b8bvxw2x5a4takh8ypw8bvjsnzf3kszy77h26jegtm7g5yffzttvn6hj91mykrqtkmcaz3xttdk6jf9hjd13wvd5zbp9rahwv5xrr1jg3x4ax9kc55m59cgw63h3gsbvdq5az9esnzq0a0g6cejw62q0g5rgwzjr8afx30ndr9jxw0xqpyshxq86s4qcnnfpg6vcwjky&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hc7cq76mcmvxdj4f74vwdpswctv13j70d7x3vqbvy0yxjz6a9cvmymz0mw72y6ba4svq6xvr2xmvsxke06sk0smdt1t2ddbtxgg8myqbzf6hatttarffp5yyp7grgahxvdt2w33xsj56pr0xnfcwhyc5zmpg55gntggaaef1bsmx383e1nm7mzeky0jj51k6w35pkqns9gn4e9fbvn3g6s8racpcxk6sp657gatk0w98b8bvxw2x5a4takh8ypw8bvjsnzf3kszy77h26jegtm7g5yffzttvn6hj91mykrqtkmcaz3xttdk6jf9hjd13wvd5zbp9rahwv5xrr1jg3x4ax9kc55m59cgw63h3gsbvdq5az9esnzq0a0g6cejw62q0g5rgwzjr8afx30ndr9jxw0xqpyshxq86s4qcnnfpg6vcwjky&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%26client%3Dca-pub-4903453974745530%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
308291
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Mon, 14 Mar 2022 19:31:01 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6edcd4003eee5bf1-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 695D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hc7cq76mcmvxdj4f74vwdpswctv13j70d7x3vqbvy0yxjz6a9cvmymz0mw72y6ba4svq6xvr2xmvsxke06sk0smdt1t2ddbtxgg8myqbzf6hatttarffp5yyp7grgahxvdt2w33xsj56pr0xnfcwhyc5zmpg55gntggaaef1bsmx383e1nm7mzeky0jj51k6w35pkqns9gn4e9fbvn3g6s8racpcxk6sp657gatk0w98b8bvxw2x5a4takh8ypw8bvjsnzf3kszy77h26jegtm7g5yffzttvn6hj91mykrqtkmcaz3xttdk6jf9hjd13wvd5zbp9rahwv5xrr1jg3x4ax9kc55m59cgw63h3gsbvdq5az9esnzq0a0g6cejw62q0g5rgwzjr8afx30ndr9jxw0xqpyshxq86s4qcnnfpg6vcwjky&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%26client%3Dca-pub-4903453974745530%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=i40RNw==, md5=nlnmslSy2ZaL7/XdQ+Tixw==
date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63605
x-guploader-uploadid
ADPycdvgEoRaqnAK77gmI1T5FveloerpApUdaWuKs1kxu6g-M7qXz33-gAXk2jurpWjmu5BA9bF4OhQZKOd0k530QBc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Mar 2022 15:28:50 GMT
server
cloudflare
etag
W/"9e59e6b254b2d9968beff5dd43e4e2c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLpQqj9UTTLx1ef0Z7I2gPL8P5dh5P1y1Q5QQTmIpoRLuQ8iP%2FkLlsqMxmg5PqJXfgpmaTgjY9bocwS6lSuGN2tFvPfmfjXkKDcCMpBAkKqrsYeMrD%2FqLSQ2KtO4qWDzKpRr0DY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647358130172556
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11881
cf-ray
6edcd4001ac9928d-FRA
expires
Thu, 17 Mar 2022 15:29:07 GMT
truncated
/ Frame 82D2 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cc9e32b2645ac83065a5eaa49f4b8dff9a06ddc639f1e66b5ba7044d87a5271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
gg_pixel
sync.adaptv.advertising.com/ Frame BA1D 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEDjAe7Oa6PoXZX58fqIQO2o&google_cver=1&google_push=AYg5qPLr-5s-Koy7EikukSTEfoDcYfkAa_iGP8kV68S0bb29SdEwElIsIgoJ6-MBCp7rRkj6yeu78JVYjir07exc3VkUl-8kdEjzyw
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.170.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-170-138.compute-1.amazonaws.com
Software
ribs2.0 /
Resource Hash
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Server
ribs2.0
Connection
keep-alive
Content-Length
14
Content-Type
text/plain
pixel
cm.g.doubleclick.net/ Frame BA1D
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEO7DBlLMXbmWOTfy0fGxZ_A&google_cver=1&google_push=AYg5qPKwehFFM1gqQp0PUiwFfMw7zXKl4RizHrvBjgObYdwBYcOww9SDBrnyljaMtpAsE59PDoIgyijbdLCpHmmRitunn_j...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO7DBlLMXbmWOTfy0fGxZ_A&google_cver=1&google_push=AYg5qPKwehFFM1gqQp0PUiwFfMw7zXKl4RizHrvBjgObYdwBYcOww9SDBrnyljaMtpAsE59PDoIgyijbdLCpHmmRitunn...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKwehFFM1gqQp0PUiwFfMw7zXKl4RizHrvBjgObYdwBYcOww9SDBrnyljaMtpAsE59PDoIgyijbdLCpHmmRitunn_jYMR-C
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKwehFFM1gqQp0PUiwFfMw7zXKl4RizHrvBjgObYdwBYcOww9SDBrnyljaMtpAsE59PDoIgyijbdLCpHmmRitunn_jYMR-C
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKwehFFM1gqQp0PUiwFfMw7zXKl4RizHrvBjgObYdwBYcOww9SDBrnyljaMtpAsE59PDoIgyijbdLCpHmmRitunn_jYMR-C
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame BA1D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESENz49YKzlrcwtjcsGWnp-vE&google_cver=1&google_push=AYg5qPK6yGpG7eU1RsHs39k3ibRY27s-8gPoduQ15yCX0GOk82JZNJ53wBCeXy1s2d6z756GqcZhohTlnWL-fvTHug5cn9jYkY8JRA
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:11 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
1ndrrh496ds9tuiif0ktlbjp8bm717nh
pixel
cm.g.doubleclick.net/ Frame BA1D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjG...
0
0
dot.gif
s0.2mdn.net/ Frame BA1D 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEE0534upaT_I_BIzhsZGiaA&google_cver=1&google_push=AYg5qPJ2vKTlGuZmlacUDaBXg5g7e38qWLm_DuxcaDJ1YwQU9EYNRswuyoWKF8T_H4UThY5wp1jfJGRdVtnU5O2qF3Bl0pwYXjPGii8
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Mar 2022 09:09:12 GMT
/
onetag-sys.com/sync/i,19/ Frame BA1D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO2bZkfDidCSzbFlQUe39HA&google_cver=1&google_push=AYg5qPIaFT55szbG6qxwTx5Khd0HexHJC5aJ5YoMwtr-nKxkBPIx2-RtvgRFtfSVh8QnlUo4jTCwN0X4JCe...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIaFT55szbG6qxwTx5Khd0HexHJC5aJ5YoMwtr-nKxkBPIx2-RtvgRFtfSVh8QnlUo4jTCwN0X4JCe9BWufvdQqGLso0s9KIF4
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BA1D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcbAEJU3sw18d8qH0YuRkBFl7VblTbUmSPha0jhY3umAhKX-MMxEPo4mq2XI56Fjo2
Requested by
Host: e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
URL: https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view.aspx
pb.media01.eu/ Frame 10F5 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=30285800057875300383828011902004&actionid=981741&produktid=&dt_url=
Requested by
Host: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/69250fcfc588cf5d8ffbc24dca91a6f6?subid=30285800057875300383828011902004&ctrack=https%3A%2F%2Fad4.ad-srv.net%2Fc%2Fc0abnamr1d1w5p6%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad4.ad-srv.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 18 Mar 2022 10:09:12 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Fri, 18 Mar 2022 09:09:12 GMT
content-length
0
pb_ratenkredit_234x60.jpg
ad-server.eu/wm/pb/rate/aktion/ Frame 8D92 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_234x60.jpg
Requested by
Host: ad4.ad-srv.net
URL: https://ad4.ad-srv.net/request_content.php?s=30285800057875300383828011902004&a=c54c42e1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
42305cc1b5e64926c5dde08e513f3697dc7ca902da6898fb6b42dc111351bdaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad4.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:14:44 GMT
Last-Modified
Wed, 02 Feb 2022 09:48:01 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"61fa5351-5b97"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23447
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C29 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=865432815434499&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
eum.min.js
eum.instana.io/ Frame 1286 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 7 Mar 2022 20:34:29 GMT
server
cloudflare
age
342445
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6edcd401799d5c7a-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 1286 		15 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID&ref=https%3A%2F%2F3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6edcd400bfb79073-FRA
content-length
15
eum.min.js
eum.instana.io/ Frame 4745 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 7 Mar 2022 20:34:29 GMT
server
cloudflare
age
342445
etag
768077806--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
6edcd40179a25c7a-FRA
via
1.1 google
nvi
singles.parship.de/nocache/ Frame 4745 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/nocache/nvi?url_path=%2Flp%2Fv00%2F6%2FU%2Fhtlp%2Findex2.html&pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID&ref=https%3A%2F%2Ff0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com%2F
Requested by
Host: singles.parship.de
URL: https://singles.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/json
cf-ray
6edcd400bfba9073-FRA
content-length
15
activeview
pagead2.googlesyndication.com/pcs/ Frame 4CAF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstE77ncyV_rWPWT0zsm0Fd79B6rkPyz-bzJBEgCoANlry1mbYaBpMXCWA8WjypFt_cgUc-OV6u78RDzgi-tDI93pbHwre4fAOjobeX3WYlE3dATwmXpJg&sai=AMfl-YQQgV6o-FkO9U5cAe86m-FpA5xxZXwjGm0FMD9VbE3M8WQNw0r7uvMUDJs4Fz_B-ZCsFE5lu0y2e6MnGRUwO9clK2LHfYiUKgt9EDcu6w&sig=Cg0ArKJSzMmgKtHHkotJEAE&cid=CAQSLgCNIrLMIF6N24d82_ONuuFvBSlTYJCJckHDR6J60X_bIHIOFlqWuolF44BQJ2E&id=ampim&o=294,555&d=728,200&ss=1600,1200&bs=1600,1200&mcvt=1031&mtos=0,0,1031,1031,1031&tos=0,0,1031,0,0&tfs=699&tls=1730&g=100&h=100&tt=1730&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=4203880072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 419A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFK6gNkw0YqTxKaGQ7_UP3euJaAAAAAA4AeAEAg&bg=!r6ylrOjNAAba2mK92to7ACkAdvg8WvMYVdANwNgU3PUQuLPyjMmRV67ydXXgRKbJVfIo8Ob2z044FgIAAAKYUgAAAAJoAQcKAEeCvEKxJG7ERtL0MZbzbdPltjMbtxHmpv0rXDVa55waWelxg92zHaZhlwpv91TeH0C3JTsfFDduvCh9HyWPM9anFGLI3_waW5kDEgzm1VXNywFxR-JlI_u9Au-lZmmvvgpFYn4pU-drjeF7WdtAA3PFQEEOCLmBNUTEUJG4P6HkgesXBm0_Erao4Vz9guUUQxmpzm1Wtp_6ri3C-KdeL31yhy_Snc4BEaFPjPvgEp-PqEOE4zoFZH2mzwYZBu7HEyDk6eYGLBXB_Nasp0yaZLCJs-Km8m1Taj_u7rAK7LBpWhbKyF3lGQ6E2fM3tMjP3p1KK6xWPn0_u2mDL3kxIAO3r0MHVH-Na3HJ4nM1vr70K7OR-1xwesSAMljd2iPk9-FjcdNO26_HkKf8pFL-zROINtp9WKQnPoXsEcLx6JydwlptBlG1j9qXm3vMila57Z1SNDwGf3kTK8NNhfqPrpGfDY-WKxCDeCNXzGZNJr-bvVYWbUR-XSak_msPLB5EXIGgGojXsrMNg7GIM5F6gt_uzJHXbdQXlTn7TDziSVywksO_GtmVAnwCagb4GE_LbonTWNXSP4EFd9ZRFckP9P05asRtRB6HYO6_cdxOekyafeT51AlVuXnWKOHlQelbClcIKHiTt3ZLo3ufFS6N0In_l-x4poso0Ek-qpQYwKa06iwundC8WAyGcqTo90_VCoecaT_hAhi6GmGsXuzAax4_20fmbTJlJSfmUrHQNvhO4sR7bHDWVimcDrkrgzRSxdeOqpdWvUQhkCzvK4nFqTZxtDBFs7eVGiDd_S3GzEEslKkFyuH_lxA1QyZq8TCe6u9hF8hJjJdh7iUSrYJXzPYNWfYguY9Sx8fhk14cU9OmwHxfkmMGg-QO5wDFJx6IkbVeBZHuxVrJoqMOv_PFyuhE9jOOelgUgUr7lS3alwfSnlJtfpyQB7wiL1e_MLK6wsspB-1vZDBh8OrXBXKN6-mRw4lp1Igr4-p8KnUwqirXyKkFOKEhdh0rdXl1OULfq6jaiOYMkckrzxovuKwQh1U4TxwL6YXstDNSxL6fjAmmASYfyTbYqjaAf7V_LT7AszDpzJ9rl6kqvHKDsqcFqD35AdngGcrIgq14U3HscXZs_IzfamejwaFdxvk2ag
Requested by
Host: 3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
URL: https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA75 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO4_8Nkw0YraOLN_J7_UPwqyb6AwAAAAAOAHgBAI&bg=!enmleT3NAAba2mK92to7ACkAdvg8Wpp-e4BfoRRGVLXBA7cXjleTxzHmHZWu1kWPNRCWizP7WW_DfAIAAAKSUgAAAAJoAQeZAy_qhy3HnlbzLGKT28ftoPMw0OuDf8R0Vr_qyj2E1vAUiAYBI62-ai1lTWA6yygKjvOLFPeA0eDr_sL0XTVB_6uNEiCID8ZcLZnEoeItbBIYUuDGfKS2jsQeeiulWHqThtkpApG4AmWkXMw8cjS1_rwPEf6u83FziW_uMtxsX62OcFzs5H-6hqRq1B-FZVnI_5RsIUlIHvADw59gTSWcpiizt_QXChNNRc_icyEY2IAH5OW9Ms8QaR30FTNzgepW-mgLpfMXrJJJljujKEp7yG1NJR88QCry7-H1tyinhRqybUkca7SSEyWu8GShzqmR3aLrcR2VFYfixR6yOo2ox6kWMbDf5vT_JweOw9rS_ypbk1wWWr_4p8E3-W3EpvaNVcRNbKaTsnVAgD6CEFBAQKJJ-Z1vvPjGwqbcisYzyRyUxBKitbjYtgFafbyFgdjGoQU4bXkwjtQTxc-lZnmPo7KL2h76_8EjYH61115b749qIuo02UnaQkCuHa2EmQEKf4FyExjsNTU4E3ohZCBZH-84l6qgg49xmXOnExY1lQ-qA2gbGUvtom0OqOU4pGPfNNA_MUNjYRWkz8bDWKk0VQfOf7JKmGPgzdEjUCBRRMH1jbr7wLDtS1C9WDtToFp22Jg_hpqh3sr8HMy2d5KY1_vye_nYDKiWeMN7rggeEL7bcRywr49MtnToYUa5LbnRJNatt87Itf-KxXx8A3kvErPX8mie3ISWiLig2D14gQ2QPZVjMJFs7fgZhb3DBSVPv4EuX22CdLjUW67Eij4UiH5W6u_3OZkRVkld5PFZaXhplohBLLmkIvLVvvFxnuN0xr8Vn20gKinQXoYti6mjwN3mGjEJTQMuqHyL0u128CYpGUZLVUoU3B4kW3KnWb25bF262gjfPHvUCfdD_bvDb2Cd3oOrJOh71fEv51AJcjq1syz25XZOAKxq70UcKToEZt5h26889e1aXJKzQtTaB2awg_ZI7GjHZuv1d472MLwctSqmnrfeINhVw0OVzUTffqWkDdW0b_WLIHCkBR4SxvbsoHOZ_vNUymgqzGn5N-CLG8tEG4XPLxLk57bj_FCpxg
Requested by
Host: 3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
URL: https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
pagead2.googlesyndication.com/bg/ Frame AB17 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtrk1l3d69CApoaJcCvKSIFK_q0S4za4Q5VfteMZCz0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 08:42:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13875
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Mar 2023 08:42:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C6F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtTpdNkw0YrvxKfPH7_UP8bWemAIAAAAAOAHgBAI&bg=!CwilCEzNAAba2mK92to7ACkAdvg8WjRHxxndjKahU3HAaECeLmFtz19tzUVFJOfw6aL-hv-irvT45wIAAALCUgAAAAJoAQeZAzJJfpyDzL6hjD2FC478H6G-XBGxbF-8iGsz4inJtsepGycea4UOTmEV0Cdn3987feRw5Be0MAubtqepSABQycUjTqsW0aRfi0F-bXIBMwspDNiIPMMnuCGr_Se1OMxd2pd87tz5YXO97gu1dilKtaEiozkRTw_-d_Ri9yiCjzQmu6qAKfTb9gj0qVrJRS3IPWlnikEIR5r98rlzi9ATBRWglifH2c1L0JS0w43pEp57cDTqWCmPIa0Uan8OPAAgO9KJaG5bGBknTHu9PrDCMMUpOvkTMuS5pOVFmcwMjHSeVXxa-W8TLyd5DV-nYz1FpBSslyPix_OggvwjumIhZl_4bEI-aFo9HfdSViuNB_ntB3Jpz7rArsQuxx5ouWo7YbfX2TYQPh7k7Q4BgypA-nibnd5s2JqdJ3ZFEjmovGDd36y1ZLCkdfQ4s0y-E6P-c92gE-jurop6sgPCEs39pMG7TFXHQaGAKtxqlcOsYnLR9z6I7-SgrwSxpJ1dgPVxFbjOBotK_vLzK09ceGO3TkTo7V09hsU81evqTtkx7dJ3PitZYFK9ejbglkRvJWpwsLL2OPUrr8EXH9RgYNiLAYk3k-mEmCwAjTGpJal7dPxECGOr-76ukohRr75r_nR7e3NgPpasmlmwXBxBiX96ZeEnkHy17mhvkpdlAKLNkV_O9i8IAW2-UWbRg4QFMqgea4Ty8Wg3Fd2lcEvCNAvBWZxDuEjMjq99FYGQ6REZSavRNh35Y55XkAhOSYJfpfCqZyBpotZoSJR0K9HY2R2lbgRu-eNEHAI3I0P7hjnPx2i3qRTjnTl1JXzn_BAho-3gHGe28OZs3v9JxZ03JVBVeo3XDG2YEJv7eXJ00qKP_efBMr5WIk3RmBybTCXZAKsf5z_dr2eT-3dzVX2V6LqBpcfkqifF1w-HACth3ZQYXPlwhyVOGIM5cn0U5Iu9P4Tl1_7y-EikMLylrFl75YOyxgqmoS5rVGT7c83dXU83fvmkMbPFjngYf2D_Mdk_0miGcypdHs_jg63LiFWs4FB35sRjH4hGw5ayDDMqA9TxSoIw_-BFO28bVAGnnnyYLGpEJc9oDQ
Requested by
Host: f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
URL: https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 695D 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Fri, 18 Mar 2022 09:09:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4498834
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WBwJ%2BXyBEQif8hlKi0ljp5lzfjzUViFAQEkfsGhyl1PZEQjZP%2B7sVHUzt4ggZ9iS5fG4VRCuu5HXsRdf8U69crqgpmu1rO1x8wc2yZjTxE2P7gdjh%2Bp1A9XIhWIbaiJt8sdpwnp2Z4lVdr8IHqt%2FQgN"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6edcd4017e05901c-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
frame.html
ad4m.at/ Frame B4C0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdtpjC_BIP2JYJZvmIEVoowNNyTqNe6BE0JRdKJ1uhQ6k3Yfe6DPCN0GjBPS_zYil04QuBTjwG5dQACzvgbqPw78EHDYzg
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
expires
Fri, 18 Mar 2022 10:09:12 GMT
cache-control
public, max-age=3600
age
2044197
last-modified
Wed, 06 May 2020 15:09:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB9U%2BITK1LK%2BWDr3J0Snq%2FY84bGuXjb3r%2F%2FukU7IK5AKJP3mMrOhO0Zf2Ix%2FT2iqi1OHPFC3SpmxT%2FqGSSkRFnMNnssVTJYgBrM68VmSQlrDqdz4pGVeEPZkO%2FGuZHAdmnLm0kI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6edcd40158765bf1-FRA
content-encoding
br
rum
singles.parship.de/cdn-cgi/ Frame 4745 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
1cd65d37c0c167c7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
X-INSTANA-S
1cd65d37c0c167c7
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=1cd65d37c0c167c7
content-type
application/json

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6edcd402293c9073-FRA
vary
Origin
rum
singles.parship.de/cdn-cgi/ Frame 1286 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://singles.parship.de/cdn-cgi/rum?
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-INSTANA-T
cbc93d8652f21e13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
X-INSTANA-S
cbc93d8652f21e13
Accept-Language
de-DE,de;q=0.9
X-INSTANA-L
1,correlationType=web;correlationId=cbc93d8652f21e13
content-type
application/json

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://singles.parship.de
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6edcd40229489073-FRA
vary
Origin
/
match.adsrvr.org/track/upb/ Frame 72D0
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-type
text/html; charset=utf-8
location
https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rs
ad4m.at/ Frame 695D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3927cfd85aaceee40339c01586036cf3ccef061d090793d461c3008f1f899bb4

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6edcd402b8059bbe-FRA
date
Fri, 18 Mar 2022 09:09:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ddh3GxkqDnBZct7CQHd664axSFrdyHviTdRLxcXaSqRQleGn4pQjMbLBjRjm0kHmgNLpF9YZ5LhY%2FU0QDzID3p6F8UtmsQpgvX1PGy%2BhSHqoa5yEEo153gkePAOVoG3lXBR%2F1kc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-bjhb
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-bjhb
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSkzz9ZQZHGLN2VZZP65DYcCJHqnjYUtlDOAIZ%2FfrKn5LML3LXdvafWxJjy%2FwAdtIN6uwDfiUZ8JwdjnR8lW7ICO0FBNd6VqcLcoh69HCuWKv8sfVis94AtSyeSRZ%2BK7EaVnXWA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6edcd4027f9e9bbe-FRA
generate_204
tpc.googlesyndication.com/ Frame AB17 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CejktA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rar
as.ad4m.at/ad/ Frame F593 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df36b4644edb1e7010622d0c812d02fd4e54da667f3b705f6d83dc52965bfc4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hc7cq76mcmvxdj4f74vwdpswctv13j70d7x3vqbvy0yxjz6a9cvmymz0mw72y6ba4svq6xvr2xmvsxke06sk0smdt1t2ddbtxgg8myqbzf6hatttarffp5yyp7grgahxvdt2w33xsj56pr0xnfcwhyc5zmpg55gntggaaef1bsmx383e1nm7mzeky0jj51k6w35pkqns9gn4e9fbvn3g6s8racpcxk6sp657gatk0w98b8bvxw2x5a4takh8ypw8bvjsnzf3kszy77h26jegtm7g5yffzttvn6hj91mykrqtkmcaz3xttdk6jf9hjd13wvd5zbp9rahwv5xrr1jg3x4ax9kc55m59cgw63h3gsbvdq5az9esnzq0a0g6cejw62q0g5rgwzjr8afx30ndr9jxw0xqpyshxq86s4qcnnfpg6vcwjky&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%26client%3Dca-pub-4903453974745530%26adurl%3D

Response headers

date
Fri, 18 Mar 2022 09:09:12 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6edcd4037b4e5bf1-FRA
content-encoding
br
tracking-event
api.webgains.io/ Frame 44B9 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Mar 2022 09:09:13 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:13 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame F593 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
308292
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Mon, 14 Mar 2022 19:31:01 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6edcd405be455bf1-FRA
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame F593 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Fri, 18 Mar 2022 09:09:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38814
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdvcN_tT8Zpp029PLDMTUZ8-4DQaFAwGm5t9LjmWyoBQeVRGPpXmptzLadETzh8B9sgmZttBCy2e4IK5VKLp_B2DHdrbRA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o67MU6EP9dqU3HHEvqb%2ByF9ZcXX%2FqJA7BjMo%2FyVJ34aMSvMTAvgcoyU9CUuAu7fbJQ8ZDWUkuv0qqW7IBGqYcuSIHEdVqjNFh671QvWzTVBkBVPsArZ9IegNqmUjTPiKkAvTAke%2BdnNgdm7o"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Sat, 19 Mar 2022 09:09:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6edcd405bcf3928d-FRA
cf-bgj
imgq:85,h2pri
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame F593 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=I4uEDQ==, md5=w0ixd5U6xXIINsBOGiFnPQ==
date
Fri, 18 Mar 2022 09:09:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47116
cf-polished
qual=85, origFmt=jpeg, origSize=132437
x-guploader-uploadid
ADPycduRwi5rbDjdik4LeM2PVjX_pt2PFVEyYQ_ff7etrxb0txZHv60Xst_fuIB2-IH3eVwBwL24lROCtItX4JyfpMU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3Vx9Uny2vFGY4TTFiQB1%2FVKYyKlMk43pSF9eBXatTRnNox2OuXcVrLKOIT6n1JasQsvJ5EJHkhsWrhq7NN0I2B7qCmv67Ltxna5FQPboW1ZEBi6w4PmB4e3na5LuC8U7y810D6bs7GM0dNW"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639072283176296
content-type
image/webp
expires
Sat, 19 Mar 2022 09:09:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
132437
accept-ranges
bytes
cf-ray
6edcd405dd2b928d-FRA
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame F593
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022031810091365820154449X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3...
49 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022031810091365820154449X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022031810091365820154449X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:13 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022031810091365820154449X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&spid=2022031810091365820154449X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211
date
Fri, 18 Mar 2022 09:09:13 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame F593 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Fri, 18 Mar 2022 09:09:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45710
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdtpuNC4pde7lZo5NBjZCiKbKhtG3clSSuddGfUCN2zO9iYZDmYVMIoEYOhFrTaWnfuSNEzp6oZ3ZqJYXaGX6sn9aJNEOQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOk90RwSyRXrzjPbP2%2Fsi5Kqrw7of5QH9Nz0C%2BugjX7FeZ73K3nVxfbkU9Hc030pZCeYZMLtBFrVzLmLkmjL1%2B5ZNxYxVCfLijyFIkmehAF8oGGudvKQpcP%2FB5GEvLjevkr8l3BK%2FQatWUsN"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Sat, 19 Mar 2022 09:09:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6edcd405de7a5bf1-FRA
cf-bgj
imgq:85,h2pri
4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
assets.ad4m.at/product_image/ Frame F593 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/4DE97418EB5F5BE9A71C11FD95916F9836DEEEC46AE84ACFA7D2376456F7A7C74F106F12C1A70D7E3A981D479BA3AF50577133602BE1F8B4B02B50A143BD72D1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=JbWtsw==, md5=JJTrR/gVHMvTHm8bHvL8+Q==
date
Fri, 18 Mar 2022 09:09:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14070
cf-polished
qual=85, origFmt=jpeg, origSize=136162
x-guploader-uploadid
ADPycdu9RHRcGfn0VllZY9zjHsApC6bUzlU_a-2pNgNwp2XKzfiFOXMahbjLJeVduMY--gaW80EiTtNzCLtKyDXqVik
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19842
last-modified
Thu, 21 Oct 2021 09:14:42 GMT
server
cloudflare
etag
"2494eb47f8151ccbd31e6f1b1ef2fcf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNx7CFUQcyjHwxRBqPXMa12hiSRn%2F%2FaFZIhy4IXVJVMMSPgMYB5olre6x6dcREfxeGNsPQnWsB97nDtTIYwvRD3yW4ySXUlec%2BJ8RHuMGmogRgqRRQWLbW1PiMxPU6aYXBddAQeNYcjraUTL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634807682206403
content-type
image/webp
expires
Sat, 19 Mar 2022 09:09:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136162
accept-ranges
bytes
cf-ray
6edcd405de7d5bf1-FRA
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame F593
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&gd...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&gdpr_c...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022031810091365820154447X117663V1225131106MSoneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nm...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022031810091365820154447X117663V1225131106MSoneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:13 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022031810091365820154447X117663V1225131106MSoneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush
date
Fri, 18 Mar 2022 09:09:13 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame F593 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Fri, 18 Mar 2022 09:09:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44929
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdtI3vAcHHKVQXU4G9Pm7Xwx-S49NFofWyiUx2LqifYsCkx3iq8ufv1r31owd3g7o7c_xr10Lbxw23nD0sl-dMpCMorWbg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgBn%2BYplR1XhAWDvASiZYgG6y2Q4aNkwqe8sRCDCrHM1p%2FUChjzwDe1VdocIkt%2FsFMkuCkMLBoJT9A%2Br98obhicnMY4IF773BRT1KzeqCD47MGJTU0Pr2ouTjwhEoluLsQLasQrNHbKECe%2Bo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sat, 19 Mar 2022 09:09:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6edcd405de7e5bf1-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame F593 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Fri, 18 Mar 2022 09:09:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
857454
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdurVX_TQllJqq9NCW6CCnJhtUBuEYviYLcJ9o5JewjDiNHuXcYN19gc7beLhxzBmbbdTuJnZ5pv0IrAlbaM2pWlyJLPnw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85737
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3%2B14P4Yir0CxHJnVXjtUIJ%2FiVqL903PNZlEgLfX31xR2y%2FqxbATugLlRVfEKyOsLx0I3%2BJ5x7sA4P9FLd57yo%2BbZSKzlsK9R3JDwtuG4N5hZrCbpmA5d9sww2jUqlxb%2FYOoMtakIitVmmyY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sat, 19 Mar 2022 09:09:13 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6edcd405de7f5bf1-FRA
cf-bgj
imgq:85,h2pri
tracking-event
api.webgains.io/ Frame 47A8 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Mar 2022 09:09:13 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:13 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
link.html
track.webgains.com/ Frame F593 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hj9zz6wgfk6427t608rnamt6vv0cz3rtf2mhdjwwtfrmb86xfewcmc8sdkabdtqmh8vqzg92z619etwrv7a64cdaa8tbydbx435q6190293cgf309f3dpj8bv3btbtzh2hdt2jj46xama38dnantjqvfse8zs6nx8w0qh3x8x5kxfpztajrynyd66eegrs3f0qad5pt1qekpssyay02h0pr0wxyrhsyw6ca30grnvzgd15gt173jkb9q96pj6qm73fr72gpzey7fbvabpny8et2wbm7m37nswhb4pyrsffg674rvbpdzyr%26a%3D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5e211be965efaead389567c94878761a272af09b2aa42a8013ed1f51bf62eef2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:13 GMT
Last-Modified
Fri, 18 Mar 2022 09:09:13 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1470
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 82D2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyA7FL7bVvtA0lCRULKg2f8MCT3a_wxUzNADmxnQvRZb7m4q_DkWP2YkAZiFHSrLcHnafIZdD8JTW4aFjh9fa9iw&sig=Cg0ArKJSzFzd3QFWDK2bEAE&cid=CAASF-Ro1XDjdYdLjYm_8cIXP7eTkx5tk5g5&id=lidar2&mcvt=1000&p=939,1289,1189,1589&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2992467494&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647594551138&rpt=469&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame F593 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hj9zz6wgfk6427t608rnamt6vv0cz3rtf2mhdjwwtfrmb86xfewcmc8sdkabdtqmh8vqzg92z619etwrv7a64cdaa8tbydbx435q6190293cgf309f3dpj8bv3btbtzh2hdt2jj46xama38dnantjqvfse8zs6nx8w0qh3x8x5kxfpztajrynyd66eegrs3f0qad5pt1qekpssyay02h0pr0wxyrhsyw6ca30grnvzgd15gt173jkb9q96pj6qm73fr72gpzey7fbvabpny8et2wbm7m37nswhb4pyrsffg674rvbpdzyr%26a%3D&clickref=oneidApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9oneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7oneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
15367
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 18 Mar 2022 04:53:07 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
GPFmXSOUrWjt6kymaMaK7uJ19yNGGukWO3po9yTrFIFZiCYXDu1rfQ==
link.html
track.webgains.com/ Frame F593 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidzgQBTRfYfbqxteCBHMtqtzX4sVSZtg31UWoneid__asuidVjp_i37K35WlbDEU5-dMYDChMfwgNb2Oasuid__adalliance_mobile_advancedad_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C37798%2C24673&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcd%2CEbGSDfqQSmEDszHAHjt4t48eTqTVT1dc7&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTWeWh9HdH9tpC22XcRTKTXEhA%2CApEhYf9muK2PaAHRH4tMCMA2T7T4T1Ec9&c=300&d=250&e=eknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9um&g=6ea1b97eb9b4f80aee31eb338f8266af%2F10560244176294128373&i=20774%2C20773%2C20430&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1647594552789&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kzx2504tv3y7kxbf8ks41fjqrfw9r65tfnwf4qh3axxvdqv8kdjv9ffxjhnwn5mv6hebj8p3c17xgrdcwytmfwwdas6pr5w1kwws462dm1yp7f7frywxb1hj48e28rvj6b9ymk95pqpehp2ps9afs78c9qxnfz2b0s7q28gqwnnpwf94eb5n33j9nhvyc0a3wjkcdk0khesfygaqe4zm5rbj4bd6cqwy26j3m9965dc2dkcdg8qcwxhpzba6kwwkreyn9yv7xvxsvyegjt0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjov8N0w0Yo3dH86cgQe9nguQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00OTAzNDUzOTc0NzQ1NTMwoAHCrujdA8gBCakCozIxVt6Zsj7gAgCoAwGqBPYBT9A3-inKhvktgU0R0AoVDOolNOrh7VbHVeBCfHH84HJA8MmjUMkp2nyT5tTU6oIz3Cjm_MAUke1-JOkBDRXgfwwPjkbyg9KlHTVnp4Sshj0baU3G7X9y1TUE8rxyYaihq1rqipzPghSAMftu4n-ujBNHzXj8yfnzgWloLzk0IvKn2szKrm9F1FQj57rr5xU-Id3Lq2sOaeTqGwDzBgUPSSIj3vacL3qY1dm--dKeKFTyYCbe9I8cH10ScLbIJ9umFfcElJinx0yeBGn8ZXT1GTWMrRuWeno-AJ0ka0ja69eyu05607oWpaw0V5IWfyVRtKx4TsLQ4AQBgAattP-YpOOkzyKgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1aHEZWg1szCyCNF5rdgwbT2eKxxw%252526client%25253Dca-pub-4903453974745530%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Mar 2022 09:09:13 GMT
Last-Modified
Fri, 18 Mar 2022 09:09:13 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F99A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=865432815434499&bg=!FxSlFFDNAAba2mK92to7ACkAdvg8Wt2fInc3r6GoY5Ce_M92Np514PGIaH0psCnoqHXgbso5AV8y6AIAAAGwUgAAAAFoAQcKAFF3R6ZTH1r7sAeWjuxh-AuhOkgNpviWDC9896HoVd3tzjIJpLtDas_sVgHw50WVgvs5wVxAmsc1xCMBDHUQcqkP9SED7tlZN6UuU43LQkWj1QCZAvP2-ohO01bNh9gVC7-6S-p929okkxcpSw-RxUETdMAAYS07UjYe7pEIFk4bWkpg9bZtChv2vSw2irn_bjqenx-ceWlaNwVux2sat-GrDW_HSMAirQaMFUhxRC6zkUMHSMiHR_wRiBhQNo78dKYvFCEe8cEo9U_7CPWkWYTyv7Jwhqi0YVaXJkux4fSMsB7CPQx_vfEm6BuPRhdlaPa-Kq4Om9jxOWAJo3ip6rpksaKyHX6aZPKIdRkV6QHTH7m8WW5AUGsXVH1mtb7OTt8EosSlmgR5DMzDgm7zw1v_UvxqinJCYLXJQlb45WscJII_RLCwIh9BI0ecqyKYnuRWE8shJ5d7oJA6mrl_vkKIhNkzC3BabfF6F5HYPxnfeQy_RoUUWWNQnHiLCtucJaZfsfQiq-lsh5ISGGcEY_6F7trorBjPtroXD7aO4QlG1rrtt-uuE5XOAMSGtP6M_rHGS5R97xMQKiMTJkfQXqVhDrbNnc5mODJhpSok1ROyTqCZE3bnGkQ-ds8IznJfFCfh3I_TD96d3I3Ny7fmifMmWspVvUPv4Cs-Sotd5S_uhf8IhHBz6HlbBwtHg-KgUsmnAEquUxtzBZmUVk4j8ZKzmH_eM5qRsmkTKlZCJoAFMhj38ZsNP1meYYYWdiEUzdFghvA8bzb6fe_7dR5OuZDvcbwqJ_8_Ph4neyrQsL6g03FgLHm6vzMfgV-YKKikM5fWe0oYKp8-AhFC6Vcly-zpY4rF6YZeFY-EkYB1UOMZDTFH1J9UWPUvxsFsmvl0MQKPxnjqYjtwzUYRLcWm2YXyd63-VtmrHjC9jd72HAbWNj7b-IsRbH50A5OBKGVDRnGKhFz0YQkUVYdRZqa_1aQLYW8xEXW9gf44kLYVAHDTJzrrYCxfjsoTB4jTLvopmKEUXYadMm8asxd673wSGJvZJFd1UX_bMHsq1JFzByGiOffKG4lbV6OieRcxQK9sDve_kHO8OIKBt39ZFPlp1yES5eUacv-A8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id5-api-2.js
static2.creative-serving.com/ Frame 4DFA 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/id5-api-2.js
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:14 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:23:14 GMT
server
UploadServer
age
2740
etag
"43e554f8c9787fa63a85955c07ba1918"
x-hw
1647594554.cds257.am5.hn,1647594554.cds283.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9982
tracking-event
api.webgains.io/ Frame F593 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Mar 2022 09:09:14 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 18 Mar 2022 09:09:14 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
101.json
id5-sync.com/g/v2/ Frame 4DFA 		213 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/101.json
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/id5-api-2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.211 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3213278.ip-141-95-99.eu
Software
/
Resource Hash
93eaa88b166eafa8512888584b7582622d90c04be6e2c7895e28330285d82806
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
date
Fri, 18 Mar 2022 09:09:13 GMT
access-control-allow-credentials
true
vary
Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
pixel
ads.creative-serving.com/ul_cb/ Frame 4DFA
Redirect Chain
  • https://ads.creative-serving.com/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
  • https://ads.creative-serving.com/ul_cb/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
802 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.creative-serving.com/ul_cb/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
Protocol
HTTP/1.1
Server
18.159.23.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-23-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
71f88e3fa6f464f70e06666256b2433cdd4980299fc3aa0f04e65243b378b75b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
802
Content-Type
text/javascript

Redirect headers

Location
https://ads.creative-serving.com/ul_cb/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
Date
Fri, 18 Mar 2022 09:09:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 4DFA
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=100
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=100
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=8b7b2f62-4e7c-4c50-b7af-7a241ea0ddc2&gdpr=&gdpr_consent=
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=8b7b2f62-4e7c-4c50-b7af-7a241ea0ddc2&gdpr=&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:14 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=8b7b2f62-4e7c-4c50-b7af-7a241ea0ddc2&gdpr=&gdpr_consent=
Date
Fri, 18 Mar 2022 09:09:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
RX-d60c8779-0559-42ca-a371-e7bf7852a79b-003
sync.targeting.unrulymedia.com/csync/ Frame 4DFA
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=952
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=952
  • https://sync.1rx.io/usersync/bidswitch/2446c753-8c3f-4de6-8751-a0262db34d5a?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/2446c753-8c3f-4de6-8751-a0262db34d5a?zcc=1&cb=1647594554488
  • https://sync.targeting.unrulymedia.com/csync/RX-d60c8779-0559-42ca-a371-e7bf7852a79b-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-d60c8779-0559-42ca-a371-e7bf7852a79b-003
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:14 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-d60c8779-0559-42ca-a371-e7bf7852a79b-003
pragma
no-cache
date
Fri, 18 Mar 2022 09:09:14 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4DFA
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=686
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=6932b710-e65d-43e5-aa65-b14b357229ff&ssp=&expires=5&user_group=4&cb=686
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2446c753-8c3f-4de6-8751-a0262db34d5a&gdpr=&gdpr_consent=&gdpr_pd=
1 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2446c753-8c3f-4de6-8751-a0262db34d5a&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:14 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:417
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2446c753-8c3f-4de6-8751-a0262db34d5a&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Mar 2022 09:09:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/s/101/6932b710-e65d-43e5-aa65-b14b357229ff/ Frame 4DFA 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/101/6932b710-e65d-43e5-aa65-b14b357229ff/1.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.211 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3213278.ip-141-95-99.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:13 GMT
transfer-encoding
chunked
content-type
image/gif;charset=UTF-8
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
demconf.jpg
dpm.demdex.net/ Frame 4DFA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=393426&dpuuid=6932b710-e65d-43e5-aa65-b14b357229ff
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=6932b710-e65d-43e5-aa65-b14b357229ff
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=6932b710-e65d-43e5-aa65-b14b357229ff
Protocol
HTTP/1.1
Server
52.19.204.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-204-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v030-0a6c4291d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
NKg1nlsGTog=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v030-0123cbe82.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
SZGlnQx0RaM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=6932b710-e65d-43e5-aa65-b14b357229ff
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
p161
match.justpremium.com/match/ Frame 4DFA 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/p161?ex_uid=6932b710-e65d-43e5-aa65-b14b357229ff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.47.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-47-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 09:09:14 GMT
content-length
43
content-type
image/gif
gcm
ads.creative-serving.com/ Frame 4DFA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
  • https://ads.creative-serving.com/gcm?google_gid=CAESENx3Fjvn7h95Efe5wvU0rZw&google_cver=1
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.creative-serving.com/gcm?google_gid=CAESENx3Fjvn7h95Efe5wvU0rZw&google_cver=1
Protocol
HTTP/1.1
Server
18.159.23.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-23-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 18 Mar 2022 09:09:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Mar 2022 09:09:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.creative-serving.com/gcm?google_gid=CAESENx3Fjvn7h95Efe5wvU0rZw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
e.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Fri, 18 Mar 2022 09:09:13 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
/
eum-eu-west-1.instana.io/ Frame 4745 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-130-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Fri, 18 Mar 2022 09:09:14 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
eum-eu-west-1.instana.io/ Frame 1286 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-eu-west-1.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.130.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-130-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://singles.parship.de/lp/v00/6/U/htlp/index2.html?pscode=01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137737c2-a69b-11ec-9685-00155d255900ID
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Fri, 18 Mar 2022 09:09:14 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone object| oncontextlost object| oncontextrestored object| zarazData object| zaraz object| CloudflareApps object| __CF$cv$params object| __cfQR string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __cfBeacon object| dataLayer function| clarity function| $ function| jQuery object| Popper object| bootstrap object| _0x4eef function| _0xf565 boolean| _purpleadsWasLoaded object| _purpleads object| a2a_config object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init object| icons string| svg_tag_open string| svg_tag_close undefined| svg_src undefined| svg_src_default number| a2apage_init object| _0x823e function| _0x5eb8 boolean| _purpleAdsDisplayInit string| purpleadsInstanceId object| purpleadsAgent object| L function| mytextcopyFunction object| map object| marker object| popup object| _leaflet_events function| submitForm boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| color object| recaptcha object| closure_lm_623729 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

76 Cookies

Domain/Path Name / Value
.nets4.com/ Name: _ga
Value: GA1.2.1625617818.1647594547
.nets4.com/ Name: _gid
Value: GA1.2.1496276409.1647594547
.nets4.com/ Name: _gat
Value: 1
.nets4.com/ Name: __cf_bm
Value: BryOsuDLqJbQL8RcqL_Y7DQNAciWwZb2D0c9C4tyGgE-1647594548-0-AXUizyqukued/UDd/93GQ5VlsE5n0yCA8zDIHzemS3HpWZu3bJI2AoT0BiAQCGdDnTJdA6gapqPBu7Q3Z4b6cEwsMprXMyTSwLdroXDZPmSP1IpPSMlUG+9UaKZHEDoNEw==
www.clarity.ms/ Name: CLID
Value: fe396bdc0af748f6ac3f3e8672d3467b.20220318.20230318
.nets4.com/ Name: _clck
Value: uue29v|1|ezv|0
.c.bing.com/ Name: SRM_B
Value: 3D04E227B70E6A5F3268F34CB6656B63
.nets4.com/ Name: _clsk
Value: 1dq1pxm|1647594548418|1|1|e.clarity.ms/collect
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3D04E227B70E6A5F3268F34CB6656B63
.c.clarity.ms/ Name: ANONCHK
Value: 0
m.exactag.com/ Name: exactag_new_gk
Value: a66b5a46dd914711860d1d7bf5dcf53f%7c17.05.2022+09%3a09%3a10
m.exactag.com/ Name: exactag_new_uk
Value: 93b6b1f8ac1b447a8ab71b586a45dbbb%7c
m.exactag.com/ Name: session_session
Value: 5d5fcfdb72ad4377836ef5a3
.adfarm1.adition.com/ Name: UserID1
Value: 7076364709353358565
.nets4.com/ Name: __gads
Value: ID=b81b0705607d37e8:T=1647594550:S=ALNI_MZzcpFenwuYQRKXNc3zcMPI9rkQmw
.doubleclick.net/ Name: IDE
Value: AHWqTUllQIbviVQ9tMiEYvrKz6Vw_twhyes9JF5dtRrOibQajWvqButLTz5uKyPgxwI
.casalemedia.com/ Name: CMPS
Value: 3267
.casalemedia.com/ Name: CMID
Value: YjRMNukErPyztDBnYKzurgAA
.casalemedia.com/ Name: CMPRO
Value: 1121
.adnxs.com/ Name: uuid2
Value: 1014078609713064823
.casalemedia.com/ Name: CMRUM3
Value: 2d62344c372760CAESEB4lfgPqd67rLFWaUcMnBSU
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlkdpT.7!]tbPl1M>e)ZlrFUfJ+tGXxo3?TDk-<]-#_<^R.k<<.8iE?6X[b#s#[*JUP`3If)y3KL9D3I?+CRyz>/
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: e6f4cdd78498deee
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ad-srv.net/ Name: pwzdy6wsn8n7_uid
Value: 1c49e91cd333cd3f
.awin1.com/ Name: awpv11524
Value: 296283|1647594551|136e7331-a69b-11ec-8df2-22307a82f47e
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1648199351%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%2213773ad8-a69b-11ec-9dae-00155d255900%22%3Bs%3A3%3A%22sit%22%3Bi%3A1647680951%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj13775496-a69b-11ec-9dae-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1710666551%3B%7D
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%2213773a6a-a69b-11ec-9dae-00155d255900%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221647594551%25%255503284%25%25137739b6-a69b-11ec-9dae-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1663146551%3B%7D
pb.media01.eu/ Name: ASP.NET_SessionId
Value: tcyxp2vawcingf5orxshaxvp
pb.media01.eu/ Name: DTU
Value: 433E33E08BCD09A3A89562653CEA22D1
.zenaps.com/ Name: AWSESS
Value: 377134:2470208
www.media01.eu/ Name: DTU
Value: 3A673562A1C4D9388A3943CD9A891044
.singles.parship.de/ Name: __cf_bm
Value: mTPjsCGRMyk4sfIdbQl2bwSqicOm8Fv3hk6_KqC3Iio-1647594551-0-Aev3/oSEt9yV+8/c4pWyLPdv1QK8hsu5u5MwwQzeunznM+Trwylb0mHYU9HZFEDZfXDQ3D2NXQTDTgkDDK4VZUI=
www.conrad.de/ Name: HTLP_timestamp
Value: 1647594551
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: PWStmK4pkP8b.QZ0_hQO_AM_z91UgG5MCZ8jBmoy_gg-1647594551-0-AWr+K+4PRBmTwfMABSmNqad8yKtrGZGFIUU2ENchn66xQLWVO/hH4clf0EcWVIgbLtlzIH6UWWTLNaZi43Cuhp0=
.awin1.com/ Name: awpv11354
Value: 473322|1647594552|13acb4b0-a69b-11ec-8df2-22307a82f47e
.awin1.com/ Name: awpv20646
Value: 473322|1647594552|13b58e50-a69b-11ec-892c-22623498ce3d
.awin1.com/ Name: AWSESS
Value: 409071:2840009
.zenaps.com/ Name: awpv11354
Value: 473322|1647594552|13acb4b0-a69b-11ec-8df2-22307a82f47e
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID_TS%3A1647594552
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1026_0001_0001_empty_AF00ID_GV1647594551.5503284.137739b6-a69b-11ec-9dae-00155d255900ID_TS%3A1647594552
.casalemedia.com/ Name: CMST
Value: YjRMNmI0TDgA
.de17a.com/ Name: guid2
Value: 1.8010419786686050112
.adsrvr.org/ Name: TDID
Value: e41dc872-8c12-4e97-89fa-76cd9a924e3c
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0NzU5NDU1M3ZsZWExZGUyMDIyMDMxODEwMDkxMzY1ODIwMTU0NDQ3WDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZDlNMVNNZktNdEsyS3NLSEJIMnQ3dHJycXN3VG1UeFZjZG9uZWlkX19hc3VpZGVrblFjZDNubUJIWjhabmJXY3lEUTRNUWswV0RzOXVtYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExNzY2Mw
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022031810091365820154447X117663V1225131106MSoneid9M1SMfKMtK2KsKHBH2t7trrqswTmTxVcdoneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0NzU5NDU1M3ZsZWExZGUyMDIyMDMxODEwMDkxMzY1ODIwMTU0NDQ5WDEyMDIxMVYxMjI2MTMyNzAyTVNvbmVpZFlYMUhyZjE1c3BCcEhWSDlIZXRRdFJSOGNBVDFUNm1Icm9uZWlkX19hc3VpZGVrblFjZDNubUJIWjhabmJXY3lEUTRNUWswV0RzOXVtYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDEyMDIxMQ
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022031810091365820154449X120211V1226132702MSoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__asuideknQcd3nmBHZ8ZnbWcyDQ4MQk0WDs9umasuid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTcwMDAwMDAwMDA2MTY0NzU5NDU1M3ZsZWExZGUyMDIyMDMxODEwMDkxMzY1ODIwMTU0NDQ5WDEyMDIxMVYxMjI2MTMyNzAyT
.creative-serving.com/ Name: tuuid
Value: 6932b710-e65d-43e5-aa65-b14b357229ff
.creative-serving.com/ Name: c
Value: 1647594554
.creative-serving.com/ Name: tuuid_lu
Value: 1647594554
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.justpremium.com/ Name: jpxumaster
Value: um-348a0f5e-3cf6-4e76-a853-c58990b7ef9c-1647594554
.justpremium.com/ Name: jpxumatched
Value: p161
.bidswitch.net/ Name: c
Value: 1647594554
.bidswitch.net/ Name: tuuid_lu
Value: 1647594554
.bidswitch.net/ Name: tuuid
Value: 8b7b2f62-4e7c-4c50-b7af-7a241ea0ddc2
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-2446c753-8c3f-4de6-8751-a0262db34d5a
.pubmatic.com/ Name: PugT
Value: 1647594554
.pubmatic.com/ Name: PUBMDCID
Value: 3
.demdex.net/ Name: demdex
Value: 68569155571858968104268819262507040894
.dpm.demdex.net/ Name: dpm
Value: 68569155571858968104268819262507040894
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d60c8779-0559-42ca-a371-e7bf7852a79b-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d60c8779-0559-42ca-a371-e7bf7852a79b-003%22%7D

4 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEDjAe7Oa6PoXZX58fqIQO2o&google_cver=1&google_push=AYg5qPLr-5s-Koy7EikukSTEfoDcYfkAa_iGP8kV68S0bb29SdEwElIsIgoJ6-MBCp7rRkj6yeu78JVYjir07exc3VkUl-8kdEjzyw
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjRMNukErPyztDBnYKzurgAABGEAAAIB&google_gid=CAESEBRSULoS2xTJ60r2B9qSQSk&google_cver=1&google_push=AYg5qPJWBtD5RMySo3FS6gOPZIfZdNYQwxGjGnFFNzN1MfjVy66xwhG-xPx8Aa-c2h19YpRgzB7xbIGbwAdych9ZJAtAWp7tnkt3rg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

023fc26b6b9537d4ef1bc238cfed3b19.safeframe.googlesyndication.com
15ed41447392c39526012ebb33067d08.safeframe.googlesyndication.com
3ac11bf56a507c0720e01c3c34f5adb6.safeframe.googlesyndication.com
3f6645818e2c7607c9ef71e10c46b4c2.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.tile.openstreetmap.org
ad-server.eu
ad.ad-srv.net
ad13.adfarm1.adition.com
ad4.ad-srv.net
ad4m.at
ads.creative-serving.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.purpleads.io
api.webgains.io
as.ad4m.at
asset.conrad.com
assets.ad4m.at
b.tile.openstreetmap.org
c.bing.com
c.clarity.ms
c.tile.openstreetmap.org
cdn.ad-sun.de
cdn.ampproject.org
cdn.contentspread.net
cdn.purpleads.io
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
d5p.de17a.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.clarity.ms
e483be4bfb201f8c3e7808a669cfa845.safeframe.googlesyndication.com
eum-eu-west-1.instana.io
eum.instana.io
f0efba9af9d072d1c1d380fa1e3b577d.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900016.redintelligence.net
hal90002.redintelligence.net
ib.adnxs.com
id5-sync.com
imagesrv.adition.com
img.nets4.com
insight.adsrvr.org
js.adsrvr.org
m.exactag.com
match.adsrvr.org
match.justpremium.com
medialead.de
nets4.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pb.media01.eu
prod-rtb.ad4mat.net
pv.medialead.de
rtb.openx.net
s0.2mdn.net
s0.nets4.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
singles.parship.de
static-de.ad4mat.net
static.addtoany.com
static.cloudflareinsights.com
static2.creative-serving.com
sync.1rx.io
sync.adaptv.advertising.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
track.seadform.net
track.webgains.com
trf.greatviews.de
us-u.openx.net
www.awin1.com
www.clarity.ms
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.media01.eu
www.telefonica-partner.de
www.zenaps.com
x.bidswitch.net
cm.g.doubleclick.net
104.79.88.202
104.92.94.3
108.157.1.118
13.224.195.101
138.201.220.30
138.201.63.116
141.95.99.211
142.250.181.226
142.250.74.194
143.204.98.40
144.76.91.199
145.239.193.130
151.139.128.11
164.132.182.207
178.79.242.245
18.159.23.158
18.185.147.206
185.64.190.80
20.62.48.180
213.155.156.180
213.19.147.45
216.58.212.134
217.79.188.54
217.79.188.60
2600:1901:0:76b9::
2606:4700:10::ac43:2794
2606:4700:20::681a:61b
2606:4700:20::ac43:4a81
2606:4700:440e::6812:2fe6
2606:4700::6810:135e
2606:4700::6810:cc16
2606:4700::6812:7e05
2606:4700::6813:b979
2620:1ec:27::cafe:1375
2620:1ec:c11::200
2a00:1450:4001:801::2001
2a00:1450:4001:801::2004
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400e:80d::200e
2a04:4e42:200::649
2a04:4e42:400::649
2a04:4e42::649
2a06:98c1:3120::7
3.94.45.13
35.158.47.202
35.227.252.103
35.244.159.8
37.157.3.29
37.252.172.249
46.236.13.147
46.4.10.47
51.38.120.206
52.142.114.2
52.19.204.92
52.223.40.198
52.30.107.253
54.228.130.197
54.76.176.197
54.81.170.138
78.46.111.106
78.46.85.162
84.200.5.215
85.10.231.200
85.114.131.233
85.14.248.91
85.239.105.10
88.198.250.30
88.99.63.132
94.23.99.218
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
05698e666feea4141eda8861dbed5f02de73eea5c43cd58b68c6fde1902f5909
067e05db46d7b0ff5c2353709f0ce076dadc6322f4d0ce56583bf7a9d233253f
0873b001bc6fb9d6c0bdf09f3aa9ab9a5469631ae94f23d6c0d5cb2507d802a8
08e802fee197353ea994dcb1bcfa7ae5cea9af5e26a016242519bfc916fbc1a9
0a6eb59d917d4c2852928a6bc19602dd38d138efd77400de2a30e188b189be3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c3ef0fe1d5c711af4c60a08deade283176a3d383c685e4738bc7ac836201658
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0df36b4644edb1e7010622d0c812d02fd4e54da667f3b705f6d83dc52965bfc4
0edae4d65dddebd080a68689702bca48814afead12e336b843955fb5e3190b3d
0ff4b42f690c4897d981ec5000f9057289b65f4d9d900ec4b59b36208ad791f2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
168176f3bb78366b5163c6eea8e650e326b5c3590c9b7f9663328e7777a62cd1
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
183b25bf57fb12969d0ade4c9573cb50bc2a7fc11f6df43212d2ed6382367196
1ccc978bb2448b541e6d6f0910fe04085775e365066f64e04fb89155329513ba
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
203a41ccdf684d890e47e1d2a818ffd5796f05e8fb222d2328a092788bda722e
216230c70329b6e662531a3a8a1280bd3e996de156a70f3f805f4a9841d5e57c
217b774718ca377eedbf47a6a03210d442587f50ca0281853142fc117886e508
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
2574daeca78fec9dc06b09ccc2fe17139157972997411b17e489db6d020930d2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2a6f0e947df4965ff39a4d44b53c4520220380451160d34a443dc0d4e841bc44
2aa77b0034fdb8edc7d880ebe65a204a51560b9356c42c41a2d57d1f91bae022
2cc9e32b2645ac83065a5eaa49f4b8dff9a06ddc639f1e66b5ba7044d87a5271
2ddbc6648170c24f69bc79f9de24470caebf8899b875220a4f91f9100252216f
2e70456c6f699a33f5128bb0191244ed6c5cbda4fb99921eff54af51bf8816e4
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2efd0b334753cf8ac29e704ac6f0348889c5712e5e13cb1f3512beca74144192
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
31ec284ba9c15929e75620b4ce2a89e0f8dd7142b41cd5f009f99180a8c5b4a0
32a97e6497cd6c3a611286892f51f127409221715c0cb3f2795f8c480bc76de4
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
32c82a3f1b3f761e635c2a521fc1f9c44fc1eccd73ee7ac07abe2a9cd073615c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3626db4fcda9cc54e6114f1b4478d3fca78b7ca4c16d97bf98f9ba4f1556cb37
36323d83921572000db1cdb1670f1dedf44b977c484b9fd08fbdeb7977d5d3f6
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
3927cfd85aaceee40339c01586036cf3ccef061d090793d461c3008f1f899bb4
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
3c591e1a048af530d3d2eec93997876897263786d4f781d03363778f19d85b52
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
3d228cd81a33f49925eedeed3f06d1ff8b569cdf23bc6eccfbcbbe12b15836f5
41d512788cf5c9ae51842fb943155b47f9de506a88872b8690843772e780ccb7
42305cc1b5e64926c5dde08e513f3697dc7ca902da6898fb6b42dc111351bdaf
42f9b15e047a8b059580f2d0566892b8e0dcb3fc81e14a7f0312f7ee94106a8c
44d02966c48f3bcd4ab06ce723d752fd3f176bf4a5ecc55386c03c64357495b8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
50d82309721fcb73a52d47765a010a6dffe95ecaac7e6d1546449c8937f08537
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a9cd26f81bfc3c4d11b9b89e54270a0daed52c34e361d45aaf9b44f4c7a2cc
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
57765763a17d382b2bfe2cca5fa15506ce0bdcb83d133ae9c7f40687347cf0c0
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
5d65322106d550b40dab4d275ecdd4aaaa6d141ab0ac7d2b88ba5898f899c362
5d8e1362d3d67ed6e74c3104f3ab8609d179081387ea36e71940914a86350f7c
5e211be965efaead389567c94878761a272af09b2aa42a8013ed1f51bf62eef2
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f421490054afa02ee3a18e487916a9cb4ebee503795c9f4cb0cfcc4e35ecc17
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6667f0adee46c37d5ea132b6daa8669147202932bffa494a9b7b80236b0664a1
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
6950f718b8dea80e14c519f4fb6c59a40612ba9231c0838ce0006cd5e157ce67
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0
6c59cbf0b1804f531b58f37dec30014554fa18e7c8ebe9a7fac9104de86dea6b
6db6b89b6e1b0e76270ade7747e4ad64080b23a00407c4d4cd1806a5ec11d833
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
71f88e3fa6f464f70e06666256b2433cdd4980299fc3aa0f04e65243b378b75b
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
7748eb42c493e93ff97de568395a8bcb813b907a38ead1b975b9c8f67994dcd3
7a2aa72385c5a0e04a630caced45946f1b088fd25ed2e8d2d20b433a0ff78010
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
816bc5b5196f268f2093f622f642595508c04b4312f1d38d7d677424aa8fac22
831638ff326e9da0d644ed8c84a9bd16237c810cd7d6d82a461ff767bcff4dcb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e95c861c07abe37dbb8ff42e41d81d919e37003888651c3ea4bcf61a480c8b
89103bb2059b02d45c7e0c41e101d67f5451f8d9f0fe24216db52c6d0a5b123b
8bdbf097261a220717b31f7f5a76400527104d112829ce5fefccaa39e65c96f1
8e2034b83fe2035bc11d9d4e045fd4a35dcef4f167e31bd7b65cc28609a68d6b
8e254991935fb6da8e83f827cb212fe4f205fc74c04bf7c9656140eea0bb72c7
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
9007a72d0fa0a45bdb1ba8527cdfe7122636a3ae014d75d32ece4de4efea45b4
914707f6dc852c7d541f23431fff882539fbef2caff1e08a4a3df8bf5199bc7d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93e967c9a2a71943dd29777694c4dcb350d57835f33f922bedb0d0ea2dc0c366
93eaa88b166eafa8512888584b7582622d90c04be6e2c7895e28330285d82806
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae4f6f19ebf0fe64e1884d4c2a9e2f0b55a9adf3b7d4812e495eee912e674fa
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9
9bddb1ebe3d389a5253245dabc7166a3c974d5755d9b61db7be13ea14c54228e
9ef267d2861e7aec8e410a23c1c408384ef1b7fb92e6dc57689e507f05602f56
9f739a294f0255440cbc0812e6976d9d5954f4b44e163226be40988f2513a3cb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a02a00dbf09585a63e2c69399e6ac66f348bab8d3fbc503604275407f81302
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d4139a86f5c5467ae6cb400f0ae7b95995f6ed3da681d17ce1cf8fdc6a0ca1
a8ac36f491e7fe7a9a95e4f30387d2cf0dffc39d1febe26a5e74af2883667093
a92033f68f33ce204eebceaeed5bfd634b8e036cb1b4e1f7d59a97acb52c4920
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00cb9dac6485757ea30fc6b748f048a7fc71c6aeda1d497782dc765506015e0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b5a5cf013d2f1e5dfba8726b1bada98e1a64fc6f474dbf4626a6d00aa08e3f
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
b86b7c43f3aec9ce4633f91c0df776f2662bd3a326af0a5e5707dbfcfcc7c817
b8af43a127053904d4757cec4c36ca2e914e4770a4cf49c156ed362ede0018c5
b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb
bb3c7c5fe6b6e262b206477a7030f9d11bf153b2e6fad533230d4db8db83c7f1
bbad49236638c67256faf9b341ee7ed0d150e11d24e9c496c438d87755c45ef8
bbf738498a51a3b102576cee6763614fa2cbaa5ffd22630d5e14c9be1ae090b9
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c0aac8ca16157d282cd762db6c88c459ca70631ac3ffce9c40759202e5a7697f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c3f8de28be6266e32ae54e000b2289baad87e650aef233ab68854aeefa90609e
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce7e29ddb0b537ab37acabdfd30146244d28719d58ac64cf584d779095db76cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d3e3ee3ead980028ec5429ba6312f4a3381ec3880c13c12c624a391583fed639
d600d7bb49d28ebb861046568487474337e834385421f2c58d7d91535e3f62ee
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d81da1c2333ea18b9649d21dd0dbb2a09141d43d18ef3e2eea1157f3e56d6277
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
ddb52f35a558633a1535db760684258e4c8cd7cc6426b9e360ee1b3c6bdb9192
de0188a1d2a5b54c336ce0772427428c1eedbe113fe9335bea342b847c7a0840
de53bc96533bf3c6e906a524d8e7b4d0dee9b8b527408ed8d0b1c7c51468c2bc
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
df16ae2f3f4c003e55aa93796b78c0ab73e0155ae32bea72cee59d1e0832f92d
df1f6edd81b5305bee042a161a3edadb02004e56e6a502a27e16d6d7b801307e
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
e21c5c97e6d7b8e46a5780762fc3927cca03dd56dd48c232b12cb1d0403d96e1
e283f353447fbc213369a85d88aec37863de9a46f0c18f69a1f001aedac77deb
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41854e6ee29797f26b5ae261cebad41f4e92c4e6bdd6dd46efb101ab9e52029
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e5c4440c8d0e50dd5bf59c92f7af7bff9eb4ea7b6fe3928ee897b9df9ce417de
e9059db18be75224b6baf75f105c9a7569b5c65dadea74f6d0afc3c7f7bceba5
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ed8ada861f725adb0c33cc05e91a1208bdf4d728d7877fa4d6c9a69b16799dd0
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee697fe2ccc5fb8738aaf63fae53cfc5adfbebc0f31304f5f5b30f50311f0520
eea4cb9a75206593f5f9bf03b408b7caeedd8265cf93d82c76005606e3422f9f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc
f1d42e6898ac6ce420455cfda7146cbb27f55e8576ae154819fdbd1a4f3a6807
f26e4088529d0493c50ce024432179dfa928ef0779f580cdd1cdba76fe361ad4
f31a7a1e4804398606508f52f439e4ea721287ba9c3a0d05bc755f27e66387c8
f3c260b6e1c3320e731865f4a874e4491d315f748993f62ed0e6215bb35c4b93
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
facfbf9359f6c19a90ed98e2582a1679945a3ffcd4280b4d2044d6f29d8c0f9b
fb507cc4b6793cd0049a4a75862408b554fa3fd54d0425f2376baba3c0a4b34b
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fdafcb5007554b002dbce6dc38c9a3b8fbff17241ccc799393c46cbff9fb71b3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff52cd6fa87197e500ac404574525aeeb1b9d184f90a74e19197f6fc159e6107