ma9ngon.xyz Open in urlscan Pro
103.200.23.160  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://ma9ngon.xyz/ HTTP 301
   https://ma9ngon.xyz/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

• https://googleads.g.doubleclick.net/pagead/adview?ai=CSqYYiDt3Zd_INd215LcPwOax0AyS3fPnYuGfhtn9C2QQASCBuYOeAWCVgoCAmAegAcnVjuADyAEJqQKMXbZ3fAuyPqgDAcgDywSqBPIBT9D-zSdmVoLol6uuRIfTJOWIRS_-CeiWFrb77yq1HLLKI4_hFFrlNdLJnhInJVXT0xX-jyeoaJ9_R0SHUr8g20Lpppj2D8PxZSuZl1wicEg0OkjoYWXT0_EtttHaJT784RZOnX9Gq5dHmjLQqA8bWMzIkONy4aKmysHLjXmO4nsXxWJfYyW_9Rbt7hxzISUd_7lfTBMw21l6iMVDVG_78sg8PxRifLI7c3fuIHPR3i7KD9dX-5YnN35zY9K3UpCuLVAzemue7F6pcwoI1wXk7H1Okj9paFu2OmUtQ5V8a3By9M5KUzOfXjFmqxFwWzT2UJzABJu_6_eDA4gFjpj8iieSBQQIBBgBkgUECAUYBKAGLoAHn6rxH6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPXuAtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYpOGwwemHgwOaCVBodHRwczovL3d3dy5saW56dG91cmlzbXVzLmF0L2ZyZWl6ZWl0L2xpbnotZW50ZGVja2VuL2FrdGl2aXRhZXRlbi9uYXR1ci93YW5kZXJuL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQK4E-QD2BMNiBQa0BUBmBYBgBcBshccChoIABIUcHViLTUxNTMxOTAyODMxMjY1NzkYAA&sigh=2ht4qShkook&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNgGachGWuQLC9AVH54cRrejHQildU2bugrCXq0I_i0QqdEIj3o4PazFJj8nmcj2qfhp9MCKhtrZBUqn4Aq6t2Q4iYR-ns3SYz7hgB&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217505400642086308164%22,%22debug_reporting%22:true,%22destination%22:%22https://linztourismus.at%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006873289%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213986803247557819649%22}&andc=true

Request Chain 98

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1

Request Chain 99

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXc7i4VFi-qAu6g1aLdErQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1

Request Chain 100

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEAHISfg3Don-HfhqRK7YFRQ&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAHISfg3Don-HfhqRK7YFRQ%26google_cver%3D1

Request Chain 101

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIzOTExMDcyNTkyODAxMzQwOQ%3D%3D

Request Chain 102

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1

Request Chain 103

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXc7i8TeyfDM2sw0j4hKegAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1

Request Chain 104

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEAHISfg3Don-HfhqRK7YFRQ&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAHISfg3Don-HfhqRK7YFRQ%26google_cver%3D1

Request Chain 105

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3MTYzNzUxNDA5NDM3NDg5Nw%3D%3D

Request Chain 128

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 132

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAt-Xu3D4cjL9pvXDQfqZxM&google_cver=1&google_push=AXcoOmQD1Ldqd31DaPnw3Z3kJQzCkxOIQzihY-fdeH-bHLQKo7txzOvWbxbRUB-HXCwmg6uKok6g_efFneBbDv1w4I7OtwtzqXd_8Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAt-Xu3D4cjL9pvXDQfqZxM&google_push=AXcoOmQD1Ldqd31DaPnw3Z3kJQzCkxOIQzihY-fdeH-bHLQKo7txzOvWbxbRUB-HXCwmg6uKok6g_efFneBbDv1w4I7OtwtzqXd_8Q

Request Chain 133

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIJzADwWmL_aZ0ORoaPGC1U&google_cver=1&google_push=AXcoOmT0zYGLeRPlOcri2DNEXhYfz4s8kq9Z_vVOJUzcakvs2o1Nv1v8e5jyTbUFY4coiQvFiMyyLrgVP_0J2lmR5dwHg59tnaVLRg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT0zYGLeRPlOcri2DNEXhYfz4s8kq9Z_vVOJUzcakvs2o1Nv1v8e5jyTbUFY4coiQvFiMyyLrgVP_0J2lmR5dwHg59tnaVLRg&google_hm=F05VI8rFSkWQpPm1ekdVRGk

Request Chain 134

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAQBFZ4DieFZlNvUxoYr39A&google_cver=1&google_push=AXcoOmQJ5jsR1lphsqajabGuHlG55gRmyGWmF3kNxWL5Er5VsAKEG_9vNh6CPK4pYYdasqJFMLjzjfYH-xZyBSc-7J0vGxZdTtCvFA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTM3Nzk5MjU0NzE3MDQ1NQ%3D%3D&google_push=AXcoOmQJ5jsR1lphsqajabGuHlG55gRmyGWmF3kNxWL5Er5VsAKEG_9vNh6CPK4pYYdasqJFMLjzjfYH-xZyBSc-7J0vGxZdTtCvFA

Request Chain 135

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKkUE96DOzVq8FPd4ZMcnVE&google_cver=1&google_push=AXcoOmSWYc05rJSwv_gjFVBqttHqR_UCRSVB0gEW0In-5nnaa4eQMcFqz2gMvhZWN9KLy6PvVbPDusOiExqd0ApnuccQn5XBsu6MAg HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKkUE96DOzVq8FPd4ZMcnVE&google_cver=1&google_push=AXcoOmSWYc05rJSwv_gjFVBqttHqR_UCRSVB0gEW0In-5nnaa4eQMcFqz2gMvhZWN9KLy6PvVbPDusOiExqd0ApnuccQn5XBsu6MAg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzExMTU4NzI3NDI3MTk3NTg5OA&google_push=AXcoOmSWYc05rJSwv_gjFVBqttHqR_UCRSVB0gEW0In-5nnaa4eQMcFqz2gMvhZWN9KLy6PvVbPDusOiExqd0ApnuccQn5XBsu6MAg

Request Chain 136

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENG1a5-zqbNbvW1yD9VwEzo&google_cver=1&google_push=AXcoOmRY8q4V1bEIi7NpXEHn1LAjZyRAnedV_lRdHevEF8eDEypmnHC4hO9Q6-3nbYrxID2FmfLQIliEKuazUzHPtDyPzymz4lp-VQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRY8q4V1bEIi7NpXEHn1LAjZyRAnedV_lRdHevEF8eDEypmnHC4hO9Q6-3nbYrxID2FmfLQIliEKuazUzHPtDyPzymz4lp-VQ

Request Chain 140

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEC7JGmKEpKBbgWSvH5zC2Zw&google_cver=1&google_push=AXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0kaDO2BON-nXV0kM5bjaDwliqRAcij0iDST6lfL6rgiR9Sw3akNpIXwGwPyqA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0kaDO2BON-nXV0kM5bjaDwliqRAcij0iDST6lfL6rgiR9Sw3akNpIXwGwPyqA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC7JGmKEpKBbgWSvH5zC2Zw&google_cver=1&google_push=AXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0kaDO2BON-nXV0kM5bjaDwliqRAcij0iDST6lfL6rgiR9Sw3akNpIXwGwPyqA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0kaDO2BON-nXV0kM5bjaDwliqRAcij0iDST6lfL6rgiR9Sw3akNpIXwGwPyqA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 141

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELcTHwrpqSKQKBuxfa79nMU&google_cver=1&google_push=AXcoOmRvesqF-Hz6DmbLPgPTr5yJ2vMz8vh6oKiLFevJ5vHSfvOBAhK13UGEPP_5fpQjfwS2uq3Bo4fSfVff_ywk_kGyVonb2n5m-gukEORFWrvSB2xVa64ZE6AAuepd1NcH0Wsw5-3SSaM0m4fX22jX9zO_OrY HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELcTHwrpqSKQKBuxfa79nMU&google_cver=1&google_push=AXcoOmRvesqF-Hz6DmbLPgPTr5yJ2vMz8vh6oKiLFevJ5vHSfvOBAhK13UGEPP_5fpQjfwS2uq3Bo4fSfVff_ywk_kGyVonb2n5m-gukEORFWrvSB2xVa64ZE6AAuepd1NcH0Wsw5-3SSaM0m4fX22jX9zO_OrY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc2OTU2MTY2MDcyMzAzMTg2NA&google_push=AXcoOmRvesqF-Hz6DmbLPgPTr5yJ2vMz8vh6oKiLFevJ5vHSfvOBAhK13UGEPP_5fpQjfwS2uq3Bo4fSfVff_ywk_kGyVonb2n5m-gukEORFWrvSB2xVa64ZE6AAuepd1NcH0Wsw5-3SSaM0m4fX22jX9zO_OrY

Request Chain 144

• https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEE3YbasIqj2xTehJP8gsckM&google_cver=1&google_push=AXcoOmQ50j39_oNssdpKA_1NJL2X2zsYXJ51YErlCBiKR981fKb-V-iOMnRbK2E2p7TPIcHB_yMRugGlYf0vS9K9qOQHYAX68Jn70WDX73Jie1S3P-ao3SO6NjU9cqI9NhRDJyPQvaJBMm-QC1E6ODT4MFOaLgJX HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ50j39_oNssdpKA_1NJL2X2zsYXJ51YErlCBiKR981fKb-V-iOMnRbK2E2p7TPIcHB_yMRugGlYf0vS9K9qOQHYAX68Jn70WDX73Jie1S3P-ao3SO6NjU9cqI9NhRDJyPQvaJBMm-QC1E6ODT4MFOaLgJX&google_hm=6NIAOD88TgmvAYiEBoUw4Gk

Request Chain 145

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECqn4V2RzvjoIhW_CsFARfU&google_cver=1&google_push=AXcoOmRYQsqSb8v4r5BpNjDyUibjK1Fa5MFB4SFT2xjS2MzXNewEAMt6IXNUmkxdIdsznj8RCzi11gw1MKFjHW6wqwnWArZK1hhlKBZWv6ZAiwC2U2v1THik11MnKPRxrU_32bGt8CUb1D_QzrpfUa-OXciFd9QO HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRYQsqSb8v4r5BpNjDyUibjK1Fa5MFB4SFT2xjS2MzXNewEAMt6IXNUmkxdIdsznj8RCzi11gw1MKFjHW6wqwnWArZK1hhlKBZWv6ZAiwC2U2v1THik11MnKPRxrU_32bGt8CUb1D_QzrpfUa-OXciFd9QO HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 163

• https://googleads.g.doubleclick.net/pagead/adview?ai=Cmj0GiDt3ZbvONL6I5LcPiYWSqA3qwO-XdKTp35LjEbfLor3AARABIIG5g54BYJWCgICYB6ABqt7gsirIAQKpAjnAzZhXYD0-qAMByAPJBKoE8wFP0Ba4UV_eCtoYfFvyiQhRvxt0bxvUO75NH08-GCnJxJ3B4romM7YrIt2YRjDBQQSR-pyAoAuCUuWgy3WrQdlGZQRgIaizKLxMXJEBOhr5lOezKkJWV4P2MlTNlCl636j2LQ3xiYsdFnydh39sWpBT6_yRFR-HHsWyrxxaArUfIZmYY0Kj0E63T1AXa0sq91ns6u29MMI-CmL_tew0DhGWxYNwf1wtQ5ED4wQ5devO5PzWkDMHKHL5rxi3ZnLltZFDEaRJqRmiqXVWYwUnC3E_VUrRWzGKfTel_aafZ2rBHz6e1OFMWrDoPMeuQrXVoxgG7vHABIO-mJHMBIgF4qWBj02SBQQIBBgBkgUECAUYBKAGAoAHqpaxkgWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDeoQrSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKCSr8Hph4MDmglQaHR0cHM6Ly96ZW9uLW1vYmlsaXR5LmpwL2xwX2RlP3V0bV9zb3VyY2U9Z2RuJnV0bV9tZWRpdW09Y3BjJnV0bV9jb250ZW50PTE2MHg2MDCACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLYEwLQFQGAFwGyFxwKGggAEhRwdWItNTE1MzE5MDI4MzEyNjU3ORgA&sigh=-GdZbON6xx0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215534720936274628415%22,%22debug_reporting%22:true,%22destination%22:%22https://zeon-mobility.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211380731690%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225433047691999926785%22}&andc=true

Request Chain 165

• https://googleads.g.doubleclick.net/pagead/adview?ai=CKXYwijt3Za_hOf2D5LcPxIy6oA3dhOzHdIPyn6XYEWQQASCBuYOeAWCVgoCAmAegAYnD-MMpyAEJqQKMXbZ3fAuyPqgDAcgDywSqBPMBT9ByZnxO6aW37OOV9DyKIH0RYgzv-MstUstozWlEinEXmI_9XWpoHpwqI9tSaC8o2rqcnunkycU1OCVxe6tF49FtXvsP9VOI_h97lRkCWYEM2LYrHaQ5X3Q-79V59gTCVMusRpDnYnnwl13xYjSSoli7v070k9xmwOttXQ5OlqP0PIa3pTz9fFK511Q_fwdgivh4jAz3ACW0QBZtTxGdjbUs1J-B7DLCeXTcJRMoVMHEQ2sDpsnvEzZXtwghCH0mKw3CJE6K-kcE4B2nL8wU1G-xw7AvdHh3mSH80CrMgbYF5uS_YHg2T1iYi-zuvCOIPBRdwASzvIjtqgSIBcDpo75KkgUECAQYAZIFBAgFGASgBi6AB4n7yKMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ8Y8I0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljJ-K7C6YeDA5oJSWh0dHBzOi8vbm92b2N1cmV0cmlhbHMuY29tL2RlL25vdm9jdXJlLXRyaWFscy1rbGluaXNjaGUtc3R1ZGllbi16dS1rcmVicy-ACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbEC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTUxNTMxOTAyODMxMjY1NzkYAA&sigh=TTPNXB7qZ9U&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNSm1LoS6uEbqYk4I9N7_VaKPdueQH4l532lzrviGuZOrAJZknGeRCjwhvXho2TCXqJTaIA5LxGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229304586515240800562%22,%22debug_reporting%22:true,%22destination%22:%22https://novocuretrials.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211148337545%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213463717749953094225%22}&andc=true

Request Chain 171

• https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
• https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 183

• https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=84234200125157804444556012535010&ra_cnt_active=1&ra_cnt=1 HTTP 302
• https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3378644960

Request Chain 194

• https://fw.adsafeprotected.com/rfw/st/1693932/75440260/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015017342&ias_pubId=pub-5153190283126579&ias_chanId=1&ias_placementId=20811529347&bidurl=https://ma9ngon.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jnzgKjZuaibVQh1kKOfLi2&adsafe_url=https%3A%2F%2Fma9ngon.xyz&adsafe_type=g&adsafe_url=https%3A%2F%2Fma9ngon.xyz%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-5153190283126579%26fa%3D1%26ifi%3D8%26uci%3Da!8%26btvi%3D6&adsafe_type=be&adsafe_jsinfo=,id:4cde07ea-b938-be71-d0fd-eb4eed54fa36,c:wvJQWF,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-5c449dcd9b-fqtf7,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:540,mot:0,app:0,maw:0,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:624,oid:075d0a17-9844-11ee-a021-faedd46df96d,v:19.8.464,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

Request Chain 209

• https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.conrad.de/ztpv.php?awc=11354_412871_1702312846_08a9d510-9844-11ee-9488-2234841a3abe&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 229

• https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946 HTTP 302
• https://8019191.fls.doubleclick.net/activityi;dc_pre=CP2_98rph4MDFYvnmgoda0IEsw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ma9ngon.xyz/ Redirect Chain http://ma9ngon.xyz/ https://ma9ngon.xyz/	75 KB 10 KB	1103ms 281ms	Document text/html	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Full URL https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 1a3bafd21393942a6dafaecf9eefdab8d815830bf83ffb0cfee8294a9958ffc2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Mon, 11 Dec 2023 16:40:38 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server LiteSpeed vary Accept-Encoding Redirect headers Connection Keep-Alive Keep-Alive timeout=5, max=100 content-length 707 content-type text/html date Mon, 11 Dec 2023 16:40:37 GMT location https://ma9ngon.xyz/ server LiteSpeed
GET H2	200	css2 fonts.googleapis.com/	1 KB 509 B	150ms 59ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Goldman&display=swap Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 06d38e256fa08f4d88fc665202fd56ebe6680ea7c6ad7e0e98b638452c21a825 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 16:40:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 16:40:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 16:40:39 GMT
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	140ms 50ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aff87390871866f2b5ac54329538b23637606fd9d72f74f87a7570880a261cc9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 16:40:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 16:40:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 16:40:39 GMT
GET H2	200	style.css ma9ngon.xyz/template/theme/assets/frontend/css/	59 KB 12 KB	278ms 275ms	Stylesheet text/css	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Full URL https://ma9ngon.xyz/template/theme/assets/frontend/css/style.css?v=1621615725 Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash cb6f20a365c4f377c3637ea99f32c78afbd89bb7ff3aa3e6f732abab1093d399 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:38 GMT content-encoding br last-modified Sun, 11 Apr 2021 08:10:06 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 11676 expires Mon, 18 Dec 2023 16:40:38 GMT
GET H2	200	boxicons.min.css unpkg.com/boxicons@2.0.7/css/	62 KB 11 KB	145ms 59ms	Stylesheet text/css	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fc734c80933766675fda9c9a1f867289de58d1e6ddc85621e1a37eb506a22ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1163494 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HGA6E1652BHKPK2REKX0D2NT-fra server cloudflare etag W/"f703-kEpTqbib37RBQP2PIpppYa/VnfU" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 833f2baf5a793667-FRA
GET H2	200	jquery-2.1.0.min.js Show response ma9ngon.xyz/template/theme/assets/frontend/plugins/jquery/	82 KB 28 KB	549ms 546ms	Script application/javascript	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Full URL https://ma9ngon.xyz/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 1590c918beec11afded8b5437e2437bfa65baece73df7fb6074ce4885916fdfc Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:38 GMT content-encoding br last-modified Sun, 11 Apr 2021 08:10:06 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 28608 expires Mon, 18 Dec 2023 16:40:38 GMT
GET H2	200	lazyload.js Show response cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/	6 KB 2 KB	141ms 55ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 989394 x-jsd-version 2.0.0-rc.2 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230127-FRA x-jsd-version-type version server cloudflare etag W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFCdaoHj2uYCirrLTsISlIkftHLGZq1w3XHWMDH3tNrc2tzLvDzCBnRrbeOwEHRrZiwy7QYvkyHSNKoEAUhTabZXiRWOvgrH637IiGMKXsQ8ro4qrxeJkcbbgYHhb3Ys7IJwROu5RcXMajdMA9s%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 833f2baf5b7e3a6c-FRA
GET H2	200	kun.js Show response ma9ngon.xyz/template/theme/assets/frontend/js/	4 KB 984 B	549ms 548ms	Script application/javascript	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Full URL https://ma9ngon.xyz/template/theme/assets/frontend/js/kun.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 267d7e881bfe440ec22e504a58edd746fce25c67db57d14ee90f1075310f5940 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:38 GMT content-encoding br last-modified Sun, 11 Apr 2021 08:10:06 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 951 expires Mon, 18 Dec 2023 16:40:38 GMT
GET H2	200	sweetalert2@11 Show response cdn.jsdelivr.net/npm/	75 KB 21 KB	141ms 56ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/sweetalert2@11 Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ee140344701f1acb771ba8fbf2e2a199087ab4acf05fd50e757826cf597704 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5157 x-jsd-version 11.10.1 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230112-FRA x-jsd-version-type version server cloudflare etag W/"12b3b-RimU/Qj1uZajKjz3B6Mu8E+LzVU" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGxE9hDXujMqEFqdEkHm7cK%2BFzukXnrBd9amM4Mc%2BWYdsSjpq%2F%2FtjGv%2BEX0LIYykxdzKcc7v5EdpJ2XYq1%2BPRCQ1z81RaGBIXnZm%2FLHzYRbyXtWVaZvTvEX18jB0IRFtRGo44eKPdbjE74BslAo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 833f2baf5b803a6c-FRA
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	137ms 50ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1176806 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTZjLHa9M72Q9jkCae4cmYRCHiBWGkTX%2FualGIrXac8U7KEYq%2BHPx4CchdgJIoQUg8%2FatDDFfDQ0dQ1p945ATgZNvriA%2Bfl6jzt4D5vO1DHG0z9o20UwXU20jQ6NCsnJeDI7JE6YCsxCNbZ7oMXcqW3u"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 833f2baf5a1c65ba-FRA expires Sat, 30 Nov 2024 16:40:39 GMT
GET H2	200	jquery.dataTables.css cdn.datatables.net/1.10.24/css/	16 KB 3 KB	155ms 49ms	Stylesheet text/css	2606:4700:10::6816:335d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.datatables.net/1.10.24/css/jquery.dataTables.css Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57b0cece766a47beabbf2d2da5ae6d6b75e108aa5669555e38123bd9f1d701e8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT content-encoding gzip cf-cache-status HIT age 904942 content-length 2369 last-modified Mon, 06 Nov 2023 12:01:11 GMT server cloudflare etag "114106c-3ec4-6097a9c3447c0-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding,User-Agent content-type text/css; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET cache-control max-age=31536000 accept-ranges bytes cf-ray 833f2baf79a33687-FRA access-control-allow-headers origin, x-requested-with, content-type expires Sat, 30 Nov 2024 05:18:17 GMT
GET H2	200	jquery.dataTables.js Show response cdn.datatables.net/1.10.24/js/	440 KB 111 KB	160ms 54ms	Script application/javascript	2606:4700:10::6816:335d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.datatables.net/1.10.24/js/jquery.dataTables.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67443c3e2b3a31a2d1039888e7e35979079e927a96d6c95ed3a947facc024d6b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT content-encoding gzip cf-cache-status HIT age 912227 last-modified Mon, 06 Nov 2023 12:01:11 GMT server cloudflare etag "1141086-6df4f-6097a9c345f30-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding,User-Agent content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET cache-control max-age=31536000 cf-ray 833f2baf79a63687-FRA access-control-allow-headers origin, x-requested-with, content-type expires Sat, 30 Nov 2024 03:16:52 GMT
GET H2	200	lazyload.min.js Show response cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.2/dist/	7 KB 3 KB	141ms 57ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.2/dist/lazyload.min.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28762ea362d067f6cdfc31442f0255cbf2998d5f388672e6156378ca30f2514b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3589318 x-jsd-version 17.3.2 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230023-FRA x-jsd-version-type version server cloudflare etag W/"1d93-ydxKWtG8r6eGCK9bRg4vRr22VFM" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUCHWB6QW1EwLNWS8Cx4uZwrUq21qAT5%2BnCYdZx56SqOHytfdr%2B5j0cSqEZbmfLiIe9rOi4zbfARpyMGu3kjDRtPaz5mQxHeQ3u79kpVsGFjFj3fYVX01Uz%2BXFCWDufgtm9SWFGoWs5AZEug8yY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 833f2baf5b793a6c-FRA
GET H2	404	style.css ma9ngon.xyz/template/	0 0	276ms 275ms	Stylesheet text/html	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Full URL https://ma9ngon.xyz/template/style.css Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:38 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	148 KB 51 KB	184ms 93ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5153190283126579 Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad0447c47655bf6390549fc127beca4722404fad3bf3356612b700bace6f7849 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Origin https://ma9ngon.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:40 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51691 x-xss-protection 0 server cafe etag 1576031008379367893 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Mon, 11 Dec 2023 16:40:40 GMT
GET H2	200	logo.png ma9ngon.xyz/assets/storage/images/	115 KB 115 KB	292ms 292ms	Image image/png	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/logo.png Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 430289243c7e4900d6883d14094b940012fed546472389e5b9cdedeef964f493 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:38 GMT last-modified Sun, 12 Nov 2023 03:18:33 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 117272 expires Mon, 18 Dec 2023 16:40:38 GMT
GET H2	200	footer.js Show response ma9ngon.xyz/template/theme/assets/frontend/js/	1 KB 343 B	292ms 291ms	Script application/javascript	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Full URL https://ma9ngon.xyz/template/theme/assets/frontend/js/footer.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 2b50e36e7d6280af0f4ed7b8c4199790f880445c90ef35bcb3c2b0c818118f09 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:38 GMT content-encoding br last-modified Sun, 03 Dec 2023 12:38:45 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 287 expires Mon, 18 Dec 2023 16:40:38 GMT
GET H2	200	xfbml.customerchat.js Show response connect.facebook.net/vi_VN/sdk/	317 KB 91 KB	126ms 45ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 36f030293c48fc96ae5c5e21c0cba1d49c6bf20e53b9c8f8c2504e22a179a460 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 11 Dec 2023 16:40:40 GMT content-md5 WNKo1fxMD3x96ugU+hy3Wg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 92216 reporting-endpoints x-fb-debug rKHjsxEg6oY4M5FfrtStP5eT1Y57V8DmunY52yblbU0Qv8No3mpJasCFN+UXaYyIFBWi8XrgWA1eSFSSOhbE0g== x-fb-content-md5 656b2b42347c4e1b628ef1ad265a2cd9 cross-origin-opener-policy same-origin-allow-popups etag "08f8e221c28b2cf7614980692241d108" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Mon, 11 Dec 2023 16:55:14 GMT
GET H2	200	green-neon.jpg ma9ngon.xyz/assets/storage/images/	3 MB 3 MB	257ms 257ms	Image image/jpeg	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/green-neon.jpg Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash bd186e52c079d0a4c97702da8a04d205802dd005f7ed9b094834511a88496286 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Thu, 02 Nov 2023 04:12:19 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 2667198 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 fonts.gstatic.com/s/robotocondensed/v27/	50 KB 51 KB	128ms 39ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ma9ngon.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 07:29:10 GMT x-content-type-options nosniff age 205890 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51404 x-xss-protection 0 last-modified Wed, 18 Oct 2023 17:52:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Dec 2024 07:29:10 GMT
GET H2	200	boxicons.woff2 unpkg.com/boxicons@2.0.7/fonts/	91 KB 91 KB	136ms 51ms	Font font/woff2	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/boxicons@2.0.7/fonts/boxicons.woff2 Requested by Host: unpkg.com URL: https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43193176ef77030ad34673f96fad80aebc860b2a8b11418e3cc9170688d7ff35 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://unpkg.com/boxicons@2.0.7/css/boxicons.min.css Origin https://ma9ngon.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:40 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 2388242 content-length 93260 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HF5PDQ0TPQJHANMKP9QZTPS4-fra server cloudflare etag "16c4c-pVld0x4LunUHF9iDN+x/LvuPssw" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 833f2bb2ec67362d-FRA
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2 fonts.gstatic.com/s/robotocondensed/v27/	16 KB 16 KB	185ms 99ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a4cec04945d3b04d4250075088fbc3ae546bedb4e97a483531a9c71f562d1e26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ma9ngon.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 16:52:24 GMT x-content-type-options nosniff age 258496 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16228 x-xss-protection 0 last-modified Wed, 18 Oct 2023 17:52:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 16:52:24 GMT
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2 fonts.gstatic.com/s/robotocondensed/v27/	33 KB 33 KB	200ms 114ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 994961b8f25a0b18f5050694571210c1c5348d6221561dab5f1d72b3182e2778 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ma9ngon.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:56:14 GMT x-content-type-options nosniff age 222266 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33584 x-xss-protection 0 last-modified Wed, 18 Oct 2023 17:53:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Dec 2024 02:56:14 GMT
GET H2	200	animated-text-fill.png ma9ngon.xyz/assets/storage/images/	5 KB 5 KB	659ms 659ms	Image image/png	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/animated-text-fill.png Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 69899b3221e58ef971887b231c932f3123ea9c051cbb64982642d68c58570d11 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Sun, 12 Nov 2023 03:21:26 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 5032 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	404	blue.gif ma9ngon.xyz/	1 KB 1 KB	662ms 661ms	Image text/html	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/blue.gif Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:39 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	200	loaithe.php Show response ma9ngon.xyz/api/	170 B 122 B	617ms 616ms	XHR text/html	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Full URL https://ma9ngon.xyz/api/loaithe.php Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 1b683769be44c85dc4d298ce7417ddaf88ebf37345bc84a6c324b25f3afbba57 Request headers Accept */* Referer https://ma9ngon.xyz/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT content-encoding br server LiteSpeed content-length 85 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	menhgia.php Show response ma9ngon.xyz/api/	452 B 141 B	618ms 618ms	XHR text/html	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Full URL https://ma9ngon.xyz/api/menhgia.php Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/template/theme/assets/frontend/plugins/jquery/jquery-2.1.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 20c1923ffa54223470cafad7fd88770b246d1adcde5ab1a2aaa8fcaec940b98e Request headers Accept */* Referer https://ma9ngon.xyz/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT content-encoding br server LiteSpeed content-length 104 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	upload_H9FGBZDPYM4Q.png ma9ngon.xyz/assets/storage/images/	243 KB 244 KB	552ms 551ms	Image image/png	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/upload_H9FGBZDPYM4Q.png Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash d73a48f6a049e898bac9f29c107bd3ac2e38e8db24628a2eab5ed3d64df0bd81 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Sat, 25 Feb 2023 15:25:40 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 249224 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	200	adsadsad.png ma9ngon.xyz/assets/storage/images/	729 KB 729 KB	551ms 549ms	Image image/png	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/adsadsad.png Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 153ec5fa6da5c9e9814b54b910130502ec84f2ef8f6f29dc0fc339ece28bda8a Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Thu, 02 Nov 2023 12:43:15 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 746367 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	200	dad.jpg ma9ngon.xyz/assets/storage/images/	81 KB 81 KB	552ms 551ms	Image image/jpeg	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/dad.jpg Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash ac835119496dfbed60a868c6c758b6764e4ac79285d8937929194d2b46af47b8 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Thu, 02 Nov 2023 14:21:58 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 83221 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	200	51805614658_04e0993fc3_o.jpg ma9ngon.xyz/assets/storage/images/	179 KB 179 KB	569ms 568ms	Image image/jpeg	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/51805614658_04e0993fc3_o.jpg Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 91753867e7b4553d8c3d99ab006fb338751bedc89744c1225cb97a9831dff192 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Mon, 23 Oct 2023 04:08:44 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 183421 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	200	steam.jpg ma9ngon.xyz/assets/storage/images/	1 MB 1 MB	588ms 588ms	Image image/jpeg	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/steam.jpg Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash 8d8a16fe7ac7f07f202dcd1032cb3e8a9c6079b3b2ed4a00d8a814b2502b4c28 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Tue, 03 Oct 2023 04:22:18 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 1303195 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	200	a942190b70d8a4409ad4419b56bb588chwidspoofer.jpg ma9ngon.xyz/assets/storage/images/	84 KB 84 KB	589ms 588ms	Image image/jpeg	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/a942190b70d8a4409ad4419b56bb588chwidspoofer.jpg Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash fb9b2a11f7da15956517f79aede79d8ca5b39e912ccde0df48a508d545b0a941 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Mon, 23 Oct 2023 10:23:49 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 85752 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	200	%C4%90%C3%82S.png ma9ngon.xyz/assets/storage/images/	579 KB 579 KB	630ms 630ms	Image image/png	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/%C4%90%C3%82S.png Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash abd39fefd1597c7849503d27524af5ac20c0002d4c6e1859d3fb727b4344faa5 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Sat, 18 Nov 2023 07:22:34 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 592877 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H2	200	adadad.png ma9ngon.xyz/assets/storage/images/	2 MB 2 MB	631ms 630ms	Image image/png	103.200.23.160 VNPT-AS-VN VIETNA...
General Check archive.org Show headers Download Go to Show image Full URL https://ma9ngon.xyz/assets/storage/images/adadad.png Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.200.23.160 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN), Reverse DNS host160.vietnix.vn Software LiteSpeed / Resource Hash b8264ada65d3db6ae37ceb974926ea8c7e18a4b7c64ae0e87643046cbcc809d0 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:39 GMT last-modified Thu, 23 Nov 2023 15:32:53 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2118306 expires Mon, 18 Dec 2023 16:40:39 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/	399 KB 135 KB	192ms 112ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5153190283126579 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6871872b31f390f595be4be33b3c5893bf119893b75ebd0bf0e7fab03bdce500 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:40 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137970 x-xss-protection 0 server cafe etag 8090107319978753090 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 11 Dec 2023 16:40:40 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 5129	9 KB 4 KB	127ms 39ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5153190283126579 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 76420 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 10 Dec 2023 19:27:00 GMT etag 5585625838579639069 expires Sun, 24 Dec 2023 19:27:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame B2E5	432 KB 99 KB	889ms 888ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&adk=1812271804&adf=3025194257&lmt=1702312840&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840392&bpp=22&bdt=927&idt=304&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3851304261781&frm=20&pv=2&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=344 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e76e8a144a812b137d60719581d77d1e75430ea09d57ede652539c2f03fd2e8c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 100695 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:41 GMT expires Mon, 11 Dec 2023 16:40:41 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame CDA3	130 KB 42 KB	692ms 692ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d2e46d9669ac9f4f02412deca52622296430d445a11124ebb91267c66dd0d6b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 43203 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:41 GMT expires Mon, 11 Dec 2023 16:40:41 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame CDA3	4 KB 751 B	51ms 49ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 16:40:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 15:34:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 16:40:41 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CDA3	2 KB 903 B	140ms 46ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 19:43:32 GMT content-encoding br x-content-type-options nosniff age 75429 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 19:43:32 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame CDA3	24 KB 9 KB	127ms 48ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1019 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CDA3	3 KB 1 KB	125ms 47ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1019 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CDA3	20 KB 9 KB	134ms 40ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:40 GMT content-encoding br x-content-type-options nosniff age 61021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 23:43:40 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame CDA3	202 KB 64 KB	201ms 107ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Dec 2023 16:40:41 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame CDA3	37 KB 16 KB	144ms 39ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 09:15:24 GMT content-encoding gzip x-content-type-options nosniff age 26717 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 10 Mar 2024 09:15:24 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/6488779204477047490/ Frame CDA3	93 KB 94 KB	46ms 45ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6488779204477047490/14763004658117789537?w=600&h=314&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2be72bfc5db157f16e5172c0173e8d0cb0f6d84baac248b8771d3ad2ff61581f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 10:35:58 GMT x-content-type-options nosniff age 21884 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95737 x-xss-protection 0 last-modified Tue, 24 Oct 2023 18:34:00 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 10 Dec 2024 10:35:58 GMT
GET H2	200	17989938980857881733 tpc.googlesyndication.com/simgad/ Frame CDA3	3 KB 3 KB	43ms 43ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/17989938980857881733?w=100&h=100&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 833113f92011cddf328ed57c4171f91e30f1d9a716324920f584443ede8dd1b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:08:31 GMT x-content-type-options nosniff age 1931 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2955 x-xss-protection 0 last-modified Mon, 06 Jul 2020 14:21:31 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 10 Dec 2024 16:08:31 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/	160 KB 55 KB	127ms 127ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/reactive_library_fy2021.js?bust=31080064 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a60a2bf8bfdbe5dc0bf2db6c71bf72942ea9f47e75a8c8c49e94820243965688 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56007 x-xss-protection 0 server cafe etag 4603345469531363926 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 16:40:42 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9B11	143 KB 47 KB	608ms 607ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1f5d631353cb9084e6ddeaca77009f4f93c386dbbed6d4050c22905ae3e3d267 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 47662 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:43 GMT expires Mon, 11 Dec 2023 16:40:43 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 783C	48 KB 17 KB	512ms 512ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 70283c2ac3e27d02a278ecef894f765babb1aa5725f56164c993265edd1f867b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 17409 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:43 GMT expires Mon, 11 Dec 2023 16:40:43 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame CDA3	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2d95bf6a3a965b4623a7c55681af9722244dcba09ee8be8fbf755e23dedc456d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame CDA3	16 KB 16 KB	51ms 49ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:55:14 GMT x-content-type-options nosniff age 247528 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 19:55:14 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame CDA3	15 KB 15 KB	40ms 39ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 09:26:44 GMT x-content-type-options nosniff age 26038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 10 Dec 2024 09:26:44 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame CDA3 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CSqYYiDt3Zd_INd215LcPwOax0AyS3fPnYuGfhtn9C2QQASCBuYOeAWCVgoCAmAegAcnVjuADyAEJqQKMXbZ3fAuyPqgDAcgDywSqBPIBT9D-zSdmVoLol6uuRIfTJOWIRS_-CeiWFrb77yq... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217505400642086308164%22,%22debug_reporting%22:true,%22destination%22:%22https://linztourismus.at%22,%22event_report_window...	0 0	165ms 75ms	Fetch text/css	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217505400642086308164%22,%22debug_reporting%22:true,%22destination%22:%22https://linztourismus.at%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006873289%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213986803247557819649%22}&andc=true Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"17505400642086308164","debug_reporting":true,"destination":"https://linztourismus.at","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1006873289"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"13986803247557819649"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 11 Dec 2023 16:40:43 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 11 Dec 2023 16:40:43 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17505400642086308164","debug_reporting":true,"destination":"https://linztourismus.at","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1006873289"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"13986803247557819649"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 9F14	9 KB 4 KB	41ms 39ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 72665 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 10 Dec 2023 20:29:38 GMT etag 5585625838579639069 expires Sun, 24 Dec 2023 20:29:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame BEEC	9 KB 4 KB	40ms 39ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 72665 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 10 Dec 2023 20:29:38 GMT etag 5585625838579639069 expires Sun, 24 Dec 2023 20:29:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 0337	9 KB 4 KB	40ms 39ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 72665 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 10 Dec 2023 20:29:38 GMT etag 5585625838579639069 expires Sun, 24 Dec 2023 20:29:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame D161	9 KB 4 KB	42ms 41ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 72665 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 10 Dec 2023 20:29:38 GMT etag 5585625838579639069 expires Sun, 24 Dec 2023 20:29:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame 1740	51 KB 19 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=2548115941&pi=t.aa~a.3911085084~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702312840&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312840414&bpp=2&bdt=949&idt=329&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=339 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 237498 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	199ms 75ms	Preflight text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217505400642086308164%22,%22debug_reporting%22:true,%22destination%22:%22https://linztourismus.at%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221006873289%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213986803247557819649%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 11 Dec 2023 16:40:43 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	css2 fonts.googleapis.com/ Frame 9F14	4 KB 671 B	54ms 53ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 15:38:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 16:40:43 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 9F14	205 B 520 B	42ms 39ms	Image image/png	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 13:28:20 GMT x-content-type-options nosniff age 270743 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 07 Dec 2024 13:28:20 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 9F14	604 B 696 B	42ms 41ms	Image image/png	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 11:41:25 GMT x-content-type-options nosniff age 277158 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 07 Dec 2024 11:41:25 GMT
GET H3	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 9F14	16 KB 7 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 19:00:08 GMT content-encoding br x-content-type-options nosniff age 78035 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6784 x-xss-protection 0 server cafe etag 2582286893585073394 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 19:00:08 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 9F14	22 KB 9 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 18:57:47 GMT content-encoding br x-content-type-options nosniff age 78176 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9231 x-xss-protection 0 server cafe etag 9385233705467680479 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 18:57:47 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 577E	624 B 242 B	90ms 87ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXbaMTTTTDFDJzkAgR0F0R2AA1fcTetiZf8llK-UCAvCcTq5jEDft0HtIfr_P-xazip7_p2gDgjF1dkNNBa606gpyIGkWzteY1z0Aynt9k3RM8B2vFK7-VjQm0iMzPS3oFzMIMgvL04kASPBzBhHKNM-DlCs-Em-aaylgbWYfHCZmTG_xE Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame AA4B	89 KB 31 KB	128ms 127ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AA4B	3 KB 1 KB	52ms 49ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AA4B	20 KB 8 KB	42ms 39ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:40 GMT content-encoding br x-content-type-options nosniff age 61023 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 23:43:40 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame AA4B	202 KB 64 KB	187ms 184ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame AA4B	42 B 63 B	162ms 161ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B66SLuYWYySv2oUgFE4xEeVxWkrmuMhxhW2wYN4RpKJ8RBweZvgZrFsTgsDkDQFkIurRBqPOZq65dZlZo3E1iI48mJ8qJRilbcNr2vkA8h157gS_o Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 0337	24 KB 9 KB	46ms 40ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 69CC	143 B 166 B	44ms 40ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 665 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:29:38 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0337	3 KB 1 KB	62ms 58ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0337	20 KB 8 KB	44ms 40ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:40 GMT content-encoding br x-content-type-options nosniff age 61023 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 23:43:40 GMT
GET H3	200	1975990771115661388 tpc.googlesyndication.com/simgad/ Frame 0337	36 KB 36 KB	64ms 60ms	Image image/png	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1975990771115661388?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm81R9AyookeiNOEWAb552miO-i0Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 95ba7965dad8a3bfa9a6b643debb7bd2b8d9cc3ec43ce55c7f9c8bcb7bfe08b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 01:50:45 GMT x-content-type-options nosniff age 53398 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36668 x-xss-protection 0 last-modified Wed, 08 Nov 2023 07:28:34 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 10 Dec 2024 01:50:45 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 0337	202 KB 64 KB	204ms 198ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0337	36 KB 14 KB	80ms 76ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 19:23:05 GMT content-encoding br x-content-type-options nosniff age 76658 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14788 x-xss-protection 0 server cafe etag 1899721059218863233 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 19:23:05 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 69F2	624 B 242 B	86ms 83ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPbZovkBMAE&v=APEucNXihdulMVVhyZwkFaqXjvHD7fXH3WeYFuGNn-eJsUxvZUUa9ssmMvDcPjx6dxXVzG3MX2OmjxFTlT4WU0QfYi9bbSbdzsC963sxAc6zlwA-mzXIPt0zODK5U3e7_ABkFDmc8VljxSFfDD5_mqaJDs5V6rNNqtBXoYi0sVz_DPLyOxk8hAQ Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 9D44	89 KB 31 KB	198ms 197ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9D44	3 KB 1 KB	74ms 71ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9D44	20 KB 8 KB	41ms 39ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:40 GMT content-encoding br x-content-type-options nosniff age 61023 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 23:43:40 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 9D44	202 KB 64 KB	186ms 183ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9D44	42 B 63 B	113ms 111ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CU86SIK6jZIbpRZ37NaXUiKZDBV0uF2oQmh_SPPb2HRK-qcMA5PP0TaZMnnqD3gu1yDqoJv_22fFkAmR4R9itIww3sOIEFtWCmN5PA9Fr5RB0jNNc Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	css fonts.googleapis.com/ Frame 9B11	14 KB 1 KB	50ms 49ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 15:34:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B11	2 KB 822 B	42ms 40ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 19:43:32 GMT content-encoding br x-content-type-options nosniff age 75431 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 19:43:32 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 9B11	24 KB 9 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B11	3 KB 1 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9B11	20 KB 8 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:40 GMT content-encoding br x-content-type-options nosniff age 61023 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 23:43:40 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 9B11	0 0	138ms 47ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDZ90HlK4IWoYwVp9zh2hZ-oyywlvTZiADtM5xRg1Vfgmhq3oFi3VtOBmIbN0TPs2gS1FwdL8Hw7d8A3CXHzSbH2yZqQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 9B11	202 KB 64 KB	86ms 84ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 9B11	37 KB 15 KB	46ms 46ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 09:15:24 GMT content-encoding gzip x-content-type-options nosniff age 26719 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 10 Mar 2024 09:15:24 GMT
GET H2	200	dr Show response as.ad4m.at/ad/ Frame 1B18	2 KB 3 KB	175ms 65ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1gmvre5tk608qy4dnf12dndcehhgpw5dtnxqapm4zrg0501tfmtxyfvz8meehc1ewzsab1xwwb55e8rw5ajgfn7s2xp3b03akmpp8ccav82fzhd8fzhyw4cvey99vpjjht42edb6e16ndzeqx2f085ggswzazrbe1q3x5cfxbgye8746sryp92jbddhgcgn9cnrt0cqjzgstcz5q9trm0ea297jfp5ergxd5kpfwmxmqts31qsnh94x8zwyzcwzxvmmp775jgjark7vy5y8gtjt5dt62dj8xc4jbn5r27qmpk8hvn32xckfmnmmee3x7gs4628wsy44dr6ktdfj5e7ce5ffh4q44bmd4pv4dfd0v051k79jv4wd6m4r33swd7zad13xawqhvydt30ky83ptep265bj648h94crad9weew5wy066751sf144deasykja38516&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%26client%3Dca-pub-5153190283126579%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa3e9b42585e78c2047bbd16f90bf582de5c71c35666272304b72db2f84b535b Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 833f2bc9df00bb83-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:43 GMT expires 0 nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} permissions-policy accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=() pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame ECD0	3 KB 1 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 56B8	1 KB 643 B	43ms 42ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 72049 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 10 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Mon, 11 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame ECD0	20 KB 8 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:40 GMT content-encoding br x-content-type-options nosniff age 61023 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 23:43:40 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame ECD0	0 0	55ms 53ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9UMT9x83RPoHnZaws6sSf6RtS7ntztfxHovvmhbhgaYI0j-bMQaphRsqxIs53wxPi0DTgXgKvNQGiZ7rDlPp6c4TW5Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame ECD0	202 KB 64 KB	91ms 90ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 577E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1	43 B 739 B	83ms 82ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXbaMTTTTDFDJzkAgR0F0R2AA1fcTetiZf8llK-UCAvCcTq5jEDft0HtIfr_P-xazip7_p2gDgjF1dkNNBa606gpyIGkWzteY1z0Aynt9k3RM8B2vFK7-VjQm0iMzPS3oFzMIMgvL04kASPBzBhHKNM-DlCs-Em-aaylgbWYfHCZmTG_xE Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bane%2BdHki6Z9KWSCmssoXpaiRPBT4UK5y111vp413L%2FIWVwP3tGXZW6VALY3r76bVOS5%2B%2F2yS1A%2F9tLlPXmmXV6qroaK%2FLvtz0lOedVwagjD89%2BDH9XsikgD0fuwqvoeNFrg39Zw%2FufxwA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 833f2bca9883aca9-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 577E Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXc7i4VFi-qAu6g1aLdErQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1	43 B 734 B	80ms 78ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXbaMTTTTDFDJzkAgR0F0R2AA1fcTetiZf8llK-UCAvCcTq5jEDft0HtIfr_P-xazip7_p2gDgjF1dkNNBa606gpyIGkWzteY1z0Aynt9k3RM8B2vFK7-VjQm0iMzPS3oFzMIMgvL04kASPBzBhHKNM-DlCs-Em-aaylgbWYfHCZmTG_xE Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezPzdFykIL%2BKQbiNiM1ITZbmRodY4IhKkUnOE5RseLnRl6b35uhMLuJ%2F9MpIfh0qKx3VQXW5xnSG0o7B8F531Kf0%2BxKaeuKdWJidNRUilz%2FoejQ9xznbOKwbsO0rhlVc8gL%2FIxNyVtIJaw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 833f2bcbbabfaca9-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 577E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEAHISfg3Don-HfhqRK7YFRQ&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAHISfg3Don-HfhqRK7YFRQ%26google_cver%3D1	43 B 891 B	55ms 54ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAHISfg3Don-HfhqRK7YFRQ%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXbaMTTTTDFDJzkAgR0F0R2AA1fcTetiZf8llK-UCAvCcTq5jEDft0HtIfr_P-xazip7_p2gDgjF1dkNNBa606gpyIGkWzteY1z0Aynt9k3RM8B2vFK7-VjQm0iMzPS3oFzMIMgvL04kASPBzBhHKNM-DlCs-Em-aaylgbWYfHCZmTG_xE Protocol H2 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT an-x-request-uuid fd72cbf9-2f3c-4572-9f2c-70901372457b server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 80.255.7.105; 80.255.7.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT an-x-request-uuid 9684e968-4e3d-446b-be31-5fd795137529 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAHISfg3Don-HfhqRK7YFRQ%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 80.255.7.105; 80.255.7.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 577E Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIzOTExMDcyNTkyODAxMzQwOQ%3D%3D	170 B 243 B	52ms 50ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIzOTExMDcyNTkyODAxMzQwOQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNXbaMTTTTDFDJzkAgR0F0R2AA1fcTetiZf8llK-UCAvCcTq5jEDft0HtIfr_P-xazip7_p2gDgjF1dkNNBa606gpyIGkWzteY1z0Aynt9k3RM8B2vFK7-VjQm0iMzPS3oFzMIMgvL04kASPBzBhHKNM-DlCs-Em-aaylgbWYfHCZmTG_xE Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT an-x-request-uuid 742f17c0-e040-4c56-a6bb-5fe8872015b8 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIzOTExMDcyNTkyODAxMzQwOQ%3D%3D x-proxy-origin 80.255.7.105; 80.255.7.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 69F2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1	43 B 770 B	77ms 77ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPbZovkBMAE&v=APEucNXihdulMVVhyZwkFaqXjvHD7fXH3WeYFuGNn-eJsUxvZUUa9ssmMvDcPjx6dxXVzG3MX2OmjxFTlT4WU0QfYi9bbSbdzsC963sxAc6zlwA-mzXIPt0zODK5U3e7_ABkFDmc8VljxSFfDD5_mqaJDs5V6rNNqtBXoYi0sVz_DPLyOxk8hAQ Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn5T50HuSVn8rjgyKqK6BDJe09JUE2n2bOnAoT4SMhuqRyeLfQqw7Bkuo3DSqn2Maj6J%2Fumvl%2BMO%2F6OY9qSq6AaQ%2BrfN2x6UZZ5iPyU8MOQq2PmFDtwDuD5zCdgDhVASjD9oXzzVkcGfAA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 833f2bca9880aca9-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 69F2 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXc7i8TeyfDM2sw0j4hKegAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1	43 B 732 B	82ms 72ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPbZovkBMAE&v=APEucNXihdulMVVhyZwkFaqXjvHD7fXH3WeYFuGNn-eJsUxvZUUa9ssmMvDcPjx6dxXVzG3MX2OmjxFTlT4WU0QfYi9bbSbdzsC963sxAc6zlwA-mzXIPt0zODK5U3e7_ABkFDmc8VljxSFfDD5_mqaJDs5V6rNNqtBXoYi0sVz_DPLyOxk8hAQ Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pO7swqDsmCPD9PrNGM%2B9wHFMwA3K7TJpt3hyDhectOg%2BLBw9qkFmdQQyACCk%2F1bBo8My0s23oeRfF8DDWxWijvhtTY6AMIlzPQMWGpVk7NzMnYdCU7UKnFMioTFyiBhUtS0IlzwIFp2FWw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 833f2bcbcadcaca9-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtDtFIfZjfx4txM7p2vJzI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 69F2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEAHISfg3Don-HfhqRK7YFRQ&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAHISfg3Don-HfhqRK7YFRQ%26google_cver%3D1	43 B 891 B	44ms 44ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAHISfg3Don-HfhqRK7YFRQ%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPbZovkBMAE&v=APEucNXihdulMVVhyZwkFaqXjvHD7fXH3WeYFuGNn-eJsUxvZUUa9ssmMvDcPjx6dxXVzG3MX2OmjxFTlT4WU0QfYi9bbSbdzsC963sxAc6zlwA-mzXIPt0zODK5U3e7_ABkFDmc8VljxSFfDD5_mqaJDs5V6rNNqtBXoYi0sVz_DPLyOxk8hAQ Protocol H2 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT an-x-request-uuid 42a422fe-d9ce-4954-9376-9dfee0458ad0 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 80.255.7.105; 80.255.7.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT an-x-request-uuid c49ecaef-3212-41a5-a866-1b594b216d70 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAHISfg3Don-HfhqRK7YFRQ%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 80.255.7.105; 80.255.7.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 69F2 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3MTYzNzUxNDA5NDM3NDg5Nw%3D%3D	170 B 232 B	55ms 54ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3MTYzNzUxNDA5NDM3NDg5Nw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPbZovkBMAE&v=APEucNXihdulMVVhyZwkFaqXjvHD7fXH3WeYFuGNn-eJsUxvZUUa9ssmMvDcPjx6dxXVzG3MX2OmjxFTlT4WU0QfYi9bbSbdzsC963sxAc6zlwA-mzXIPt0zODK5U3e7_ABkFDmc8VljxSFfDD5_mqaJDs5V6rNNqtBXoYi0sVz_DPLyOxk8hAQ Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT an-x-request-uuid 50f7418a-f591-42ec-a056-e030958da060 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3MTYzNzUxNDA5NDM3NDg5Nw%3D%3D x-proxy-origin 80.255.7.105; 80.255.7.105; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/4844077530742579334/ Frame 9B11	123 KB 123 KB	42ms 41ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4844077530742579334/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 460da083b9f1b4b93577e799db0612b649413b8109ecc63a9f7ead1d067d8cb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:51:07 GMT x-content-type-options nosniff age 251376 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126108 x-xss-protection 0 last-modified Tue, 18 Apr 2023 16:33:33 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 07 Dec 2024 18:51:07 GMT
GET DATA	200 OK	truncated / Frame 9B11	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 9B11	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5AF8	1 KB 643 B	45ms 43ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 72049 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 10 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Mon, 11 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	e21910fd923a6283b5d44b2382eabc86.js Show response www.gstatic.com/mysidia/ Frame CF3B	9 KB 4 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:12:01 GMT content-encoding gzip x-content-type-options nosniff age 224922 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4064 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 08 Mar 2024 02:12:01 GMT
GET H3	200	d500f8b303efba9f5ab695bab8da4c89.js Show response www.gstatic.com/mysidia/ Frame CF3B	20 KB 8 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 09:26:44 GMT content-encoding gzip x-content-type-options nosniff age 26039 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8365 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 10 Mar 2024 09:26:44 GMT
GET H3	200	css fonts.googleapis.com/ Frame CF3B	14 KB 1 KB	53ms 51ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 15:36:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CF3B	2 KB 822 B	43ms 39ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 19:43:32 GMT content-encoding br x-content-type-options nosniff age 75431 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 19:43:32 GMT
GET H3	200	92da1c8e4790a69c4d76e84ba2e3001c.js Show response www.gstatic.com/mysidia/ Frame CF3B	6 KB 2 KB	47ms 43ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 03:42:06 GMT content-encoding gzip x-content-type-options nosniff age 133117 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2259 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sat, 09 Mar 2024 03:42:06 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame CF3B	24 KB 9 KB	43ms 41ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CF3B	3 KB 1 KB	48ms 46ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:23:42 GMT content-encoding br x-content-type-options nosniff age 1021 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 16:23:42 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CF3B	20 KB 8 KB	46ms 43ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:43:40 GMT content-encoding br x-content-type-options nosniff age 61023 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 23:43:40 GMT
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame CF3B	202 KB 64 KB	94ms 92ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 11 Dec 2023 16:40:43 GMT
GET H3	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame CF3B	37 KB 15 KB	45ms 44ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 09:15:24 GMT content-encoding gzip x-content-type-options nosniff age 26719 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 10 Mar 2024 09:15:24 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AA4B	0 20 B	76ms 75ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8975071771504&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AA4B	0 20 B	75ms 75ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8975071771504&version=m202309260101&ct=77&x=1&cor=2907944179522641400 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame AA4B	20 KB 13 KB	221ms 218ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLhdsmJVZLm1KrcfTYIZuzgvJxOECYotHtiyWQcxaZGkXXhTgPArnDQTaLsmR51_5_3NQ6klaYhch80LoxvUTfNA0MNzghLdF_6z7VsbUzsBX_FIQAsIbWt8ewuqVbnc2iTl9kutCBPIrYoJQ-0Lew2blX6tCXhPFzL6bHOUoXV9tt8eM&cry=1&dbm_d=AKAmf-AmCRuIppG46Vcr4KxKbEzh_LmFlwgklG3RaLNHqMrpy_uqf6u6EYJtYdBBlYnhX7vg_ZHAXXXKC_O3pkws03wEkoIlbyUqpHYPw4MCWLoY1hRf0pXracShurD3-q-Bnj4rFAJuFKIu5DnVrf7N89DJ0abSE4n6xDQOHhKn7LkF1qFOieGDdJgNEkJyn0rUzBGA9X0SiNwAiW3PsJvCrKxb89A3SD65HjQ1--Z56DKJyo5FhiSM8fAw1hijF7S3TjVWHogoVTNN4q0lC4PU6mjXPtGOH2ytQsop6T_erPoCIBPvFhttuC2MO9Oq7fNP2qxevaHxokv6GTaMvtyano1aeOW1b7kSrkhDNK2pIMxp1_JlhZnlY5LPusLlx30k74j6Fn_2UqGbBrxj6wSqOdsSmd1pm9SLpLyslkxfUow6eecj3meZV-CW35hz2GiiwUbfUCTamvqraHeDxgQNWV0fHvZ9GPKZ5cMCIZ_ecA-rAVmtZtqOgOToPltOBzBdJsdx0aE3awazlj9ObHSZX8wpN1yyjt5BILl3rgzVUV8AO_Ft-uJUtvPbkSImlEgVocj8tshKNLSML4HJEaiFvhQExQ37X2Uc8dbobohMHV_kjyfkqCz2-tppFbN2jOaei0xWVx-pTv26bR1NQwucuXAQ06A2izwjNUL1he4yJYFq51_cKhngTXL6Jhcd3rgxF9gp9iTqwPuhdlrxxT9-yNAPgq_MYkEBsUeopWwnymCc4ADOdEjnaiRxi2GgJdM4yFT-o6iZKHwX8JkLiYhBt27SBUrVHtrPERC1LU5D833s_Egy5F-QmcFZuQ8XsaHU22YwleorSSNay4Fpops7mAAbWdFEXcwzYJJgqaeAC0N0xAWHJ7yKhsYyWKmQaQJduJSeR1VmADQhGLamZ_MTZTFEtHrHlm3S4QFm5NkeSpQB5tSQ2xavcFfAWNTLSqHDKvZxVJ0zZd46fzkwymEfX9Yhrqevi0L3reUEUwiQS1UKkrGRcx8l8u_9qWyhyzESAwRgwDOLnQyOpeYzVyfjxZB8vyyHdpwFqDpGCzkpQXuvHsHyAXNA682H9ZC9OJjs-zM2EfTz7vmRVarLHngdlgGEjMr0dpwL4l2laX6qlxMhVuk3pR2c3Uy-UtKnnVbnrJZ5KnmNnSwntWLmSnJS3oc2U2t5cl-d2VKXClzy4PKrgA8iZ10FbcQfuMfb13L7yWY8NgIa7ldXFVCXUb89lJHca8_iJg-nrOITZKQ8tRQ92bpudoStalqwozRbjdANmwj6r5QJAiOcwYXtydDRdCJ8Uu9AliTJbQbcLNngHHRtRePk8kmvK3LiOMMzWKw-VEeUqp5F1schce0MzFAJMSF4XaWYfDRXLgA0_VAnVEFdZAgxXmJ1wqxGHG2JKSO4S2VHfxnhUShmpGfr0QE7ltSZI4iw97qib708xvQfZ4z0eMyEZG05uWqxPkVvZJI-dvJxHTNAI7ZeIROA-GtTj2GLwID_bJQju9nkFREVNtHw2QD3xjLY58RTMxsyPM9zq4R54aVeQrjYrNlsg6imAjywYnTOE8fLxL_sr5cTLVyr0MDrrhH-7LTIaJzNwjrM-UfNSA_sw_6Asoy_Ev77m7juYH-OEN7SlP96WMISgNr8iSy9INtLbUDZxU51Q6UkaF6Xdv8mbszDcywk1nzi1s8uw1tBXIaghG0zam9yFUMsIAb8RftK_rj9v4kbdOs6Rw7I9lBwvyVrSUGibohc3xLjCjT6fLyuk3pys3Wlz1fAlQfKmi_BnVY23A1EEX_6YsS5-j_JxB_gqy5kZ5Www9k-Wvkn3h5wgMAddRlKJfqodE578iP_1oer6SvhbRYLz-7e-rnaF9lXO5yrLiK_YMCmJUmC6JKrfN62-GrvQgjwwa1tNqlxklentauLZ1mCyrqRydbFDvvUvJEF5iEAAz3BSFERIoGXbS99oJ1TboNt0oS1U8wNdc4X4hYgoKtCol1vH_qperx6JpKhh1oNB1hAoXLdifV3z4NdRY_hQcPlLSqhuSm5IAMr38qCbb5UO1M6stc7KLaEyQzkTEz-oCWUnTWgiBicycX7nlN3NFeS1LK7SvYox0LugkffoPWGd8Iic9cvIyHeY5tiNHJnbZWtHFQY4JsL4ejx8xZmxaGKEF6-fBALVaqhuNt2zb-K6HWEMwHc8JQmWW2gvW7UHEK-nQGzHa_OiBgqGtY7xej_B3iDpuZXIrUcAAMa4ieLR963FuALZAabYD4TFIr8R4rUjlaGJHVEngtOjkBecErYQBI0xVACLyqKBjxDp1Ja-lwK1gtL4h-sCQIT1M3H5srXcwSriPe3-7AEl_Oasn7xwpB39CUfZV0HtdQr9h-JOrsG2A33hkNuWKHFr8ye5rB_sEqqrdcS0QJb2TXEGK5NB6bG_ydgbicZ10x2AU7wPVizbhwIXkNfjKVjC8jVbgxs6zz8ipuQkuFcBrwyeY8-Urlz_PZ6vRbVhI2BTeh2RYPo5DQ_nf0gEKSuj-Dbd0jzWw6DXEFejn0cWEvewsakNAEVIirAdYfH0FQG_wRXxo8iiI3WQTElEsE6ECHsOSl_V4buuJZPC9vACaJTpLI6DdXB0Xmd4o4alL5LFvJBDPJ8J8FyfPXluSLJs8XG34KjHs5PNARabvhmdfvPw2zIj_dBpd5-x-Tk9auSTiPO7cOw2rA4pKad6koghUiGhZLQGWu_kNrmUp4Jw57gY0R6ZW9Z_yffCBGLsCCqhqBiTNqbNnzTrKHWsQFyAKChKlr2n4Rbh6R6UJJXIFanTQE4jsyDByFHU_9xv-N1O7T_Fp_HkfuxpGj1dUouwmWMH70UlgFhCKKGniCTOU8zoD2Ds-o8-Eus9ixYYtFbObMcS60ODjTfykq8oqIOibhheGxf935K4Vb8DuUfQ96QuTuSmHxWCaUQ54Gdeiyur9qXThASZTZPZV7-OWk2ML0oqlpQzfM1jzB6sVJl-qnhZlsRQELIxnd8qaemnPPNRRJvUNrGVYDUCPQDHBHY0hjUGG1siCb2IlpNP5wlNJaxXOWgZUlt__jGT_SFGyi8QbaxyDlGTbSMhosjs2Gy7Vv3PhmGMCY4DhaCKKh-j71ySJjMS0UwFLPZAB9aC9oAPOoMpNcZjkIAnpVFR-xkEadZ2D045443kSNTEs357mjhUcB-mCgIvRZzC2hLZLKKj-E6zl1cgIEQ4SYkOd84GL66QdHztn6v1FtkuFEEw1f7d5wvp41i8Tx4JY_43PHmBcJcnh_lJ_tQ0Ac3DU2gyzsdRa4aGp1SJ5ODL2l0KQh2K1M7h-K66Y9rVt-Rfdjrqy9AEXTFzQmr_ocpYoC12bjagnBein51Z8bZU07qxOa-BOBbsPMsdBclNYYgTPv34EkY-IXIIJZq7xAfP2lHao2ePk6FQl72_YO_pI6sOXiTIvXR-skvKEF7seuMHOCyCom6sRBdlvnJxxbwZFtjrBiCkw2PKRu63UgIX3wE-rTBCXx6XfTzhYeypmWY-gp9_8zYw7DKTDttROBBMq-IRth1UuPRwPzlVxRnS9Mm9IDErqjtNSJ6W23BeUgMEe3-cfW3ypSfWR0LTtSp_UBDsNmY31sWFEUI6HmsCbapUzUOFK_IJVY5Cb9vXBOVSZx0krx1Rw2EbU-AvyHeZ82mH53vmmQWxuW4mVHVuOZRLm0YwAZP3CXgatcfUBtvrcmtix6ZNVgB4DXxhF70b7J9iHa3dYlGcgHq2slw-IsGSz8Lioj-JDTOZWiqThkuk30z_i9MiPlUkmtXdu94Lg0FIakxPU14ZAC1qHpOe9pw7n-oGmYmRNxG4TMeT41HZ2Eg1nerjYxv58XhTJ8xsCgyPT8a7hEWeBjxPDdbcGBVma32eawDQ8i6gh8zSj3ZXjtyVwVpq7ApBX7ktrbJLZqlocjrZSvb9cT93pCN1pzgY8X5mRNUVrmVHLGa_5mIv7-XtfZPvS65J-9_CUKQToK6qOSJzALwlLX25l-b6IOiH7kcKwc_LbgymSior2xztN3EUKctwm4u0ZIH&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fma9ngon.xyz%2F&ds=l&xdt=1&iif=1&cor=2907944179522641400&adk=521587873&idt=135&cac=0&dtd=34 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ba480fdb7da84f6aa9bb92c99f1e13a28111ae162159589f06d9637fbb24e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13731 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9D44	0 20 B	75ms 75ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=823641694760&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9D44	0 20 B	79ms 78ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=823641694760&version=m202309260101&ct=76&x=1&cor=12273155403987284000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 9D44	109 KB 41 KB	96ms 96ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DE2HTogkTPv_Fv0T47TH6UKdIAhmW7nqFif3iVbZVU11HE_xHOiIcE86Y-0UeeirPYC_GrdRZEQ2K56VDLvrOkH-dPp5aVa9kY6P4my4JOtZdbs-Sho59lZUcoecY_dp07g06kAGr_I0XaqI12wlLnssd1Nq_7Wr56HTEZ5JDL58MWRG4&dbm_d=AKAmf-CPSgRWfBLcrt5sxsfPZZOLiZp_GZRLUuZEjFHJKJH5d9Sa7p3ETwcEhpUf2MqoRIvxDQLFYaUY9eWDo-UMJc41zeYkKDujloV2-a_W67_QymhnMSsM2HJ1T9JaHMqHBNCdd8kBo5u6x63yW9rz44hELMYJTmp9fhlQCeCKX0hlSax-rjtVcCg90UPtwsLSAYxYEaEUaY-ReZ8m-F90LwCsr9ZrLOvg0_F-50YRH1WHBKlRPIMGQhE3VcQmmzlCzxCTBKmmMZvCvB_RMwv7YZuVapUF8NP8EAqcBQl5VU5jcTHn4BXGMJawiWK6ZbSadUGiG6rLhKp9BkqP-RvwL9IPjXbvGXHMaCvbsw7NpTzzOwy4jiBF1TM2zbLUFtx7GmMLPn656CQ8Fubo6jtl7RAMHti2pSTBVVOd60f-IQDIRDOjfBAdxEfSbmIxyiDHfVklyMrTI2lMxshcNnGc0xjGm7cT7ntbO4OO5GzzrvRk6uKOi88w97kdCAvv1VuzdebMtckx_iJMIXSUDQie6BOHKl9hRvtApjRHVhhWIH5cI9zOT3j3nysmU4Sl71RANm4qGkE_AoE-YQ7hVl40wnlkM91O5JPuKolPQytpHRPD1pSjVHivk3UyfU4Y91OLt0VH5c-X56-rsSCtxLWdIrFfH8keaOB2WT-bOpF2aLYkFqzpA0MTL4mWdT3V0xZ51Xlso9sF7-zivhc1u7ZG4PgW7P-sO1y80DCsrySw2ZDmC6ru_PSKYZqOK_1sDHWaaysVjHTxZhmrrvvOmOYOqTjCtsrA1XXZgcUMcja7vnY50c2RsG87W8ZeLd3vyVutNL9_ZP94aXdLk3XdbUCGIGzTJp1SPblmrWqK5wvTFjLXYUqXIyDau05DWoG8nWwKsGxuNB9c7bGRW4HLL2A-mN3AY3429yzl4Xisd3tb0yVKgdTbQemOqMdPgaT7lmxLYO-y8s3cXbjLtO2zUdiZpNE1VUHLyqQDrR0kOJJZS4ns6ddaH5ol8qNPzgzcglmxZ4b4fg0RKMSsYQzwcyM2p08cvjvc4Ys6Yoz1RMbAbsPvFJORZBq2asjvdqKaqlrJ0Z5zLbn-WfwU2R7slyzJVK_eL9_jTP9N7kFEumcXvskTJE7xxXNSdbfsfJAgPuvXccS7D798SL4Jhtil9ftDJ1bgbT4Qa1836WAmdRLAiA8ngK9Ln0STk6HvgcIO8GdEn_1Zf10-t1W6BShsF590AEKCEFfhB6rDOSheIcaugiqUFTcjVd0dnYTA-R0-HFRopqzPhJadY9LTA7pIoHh_l4KuPO6G1I9RN2BpQmrTKxImMi0-uOg31qWqZAUQ3HgSN4tx4dcP4R0DRcu3IitesQ3nPEaEgGkOuzXwfLBg4zE-DNJjOh4tsFIGVuvT7eR90_TF_D7kjVvhLyqDnI6Fq6E2BEugIA2-N5QegewkUOAKsfX_lIWbBetaDsKlr7ZfXkH5WBll61WK-sN9guc2DMvRUcBugpoG9jM5DnHouQsf38ixl3-MhVxWY-kE6gFszs9vAiY-4sTl7-qv8A6OrZgxeyJtuQQEw4klhLh6lzgUWkOapw2jESiUeb6j1B3khgZRgd3IviSlFzOpb5XZwl2wL76kw_UG7i5gc_PVbUohMeg_ktycFf6Qtk02Q4uQZuR0Rx5bmFJD93v9eHu_0az366eirvYau8Uda2jAYcGAKCO9mvXj2QDApplfO__aAWIhjs09vXYD7xnMcjvbxMPon9PZ7gvI0ZcOReLcChDsS9c3G7GGeXNp0ntg_vGWo7pr7bNzJh-PDCllu3mWGeYhXSriCOee0JoddiUcDAtif2kAXx3E8VPSpFkU-u7gaGAoWMx5JffslZSVet4fw4Th30HmiH3inDSlCanflbY11kY_xpLu5eExOqx2IdGXhT3q8-jSbqFdqU-L_2YY0GNqfZ29ovO8H-1id2MpztLRlDbzamaxIsO-C0qXQxCcW6Jzuk1YEUgJFMxZPSDAb9eYY0oVeebguzQGhP2hUVA7d2vibeG3eJ53XuIBg8WGRIU-VYl-_XMLAY8-REgwe6dzMWMWwDAOWA63yNsCUGoPMBU53DGqNvWW4gGmIhEyH1QrVLRIvKv9ZsWeKeOp2P8ATlrw0h9N8o4uy9lZvNtFz8WuBOVoLa8jp3o9hAB6w666IIlyITOF4OzXaIuyXChp4EMWZHybT4XdDt10dpqeYyFz1bzeC6Agkf0Wslu2dv2OvCxFfBe1jKPDFAAzYsiTS72HA-QibUKUjUvXjGK1RjAAvTete-rRYfT3ldlth9ZwMFK0fyPQQ9eyyW2aqBYioXrt9hVwvShqhCr75MnlPzc-3C8CoraxLS3QHmffIXl88tnJUu8UbGvwTafOJAkw6Yfpsf5Wqlq7HoGsZWlYZNiPturgBBoc0uS6ZINOQGKskBDs8JA0kGvW6G_43O8lNMebhVLOY1Emw4-Z-9X-FfX0OYQUFkv4Kk-ArBNANurPmgXuB-bdjkGn1HSJnqTjPvtoKEkkpLntbYZsEPBA_QDKTn9CTaeza4y0ijH2h-Csp3zPteNcG2WAxB1sc2WqLtK9r2ftunTKUCvaupclMs5oQA0YF_2x25h6rJXgrc5tmpYgVRnqeFpL3zcGfC-37382NLRxwdmwUyG6oP2JMykF2QHxp8Ir-1nhHOgMYbN7GsGgrTZqhgHs0_CriRrZO3cWVKWN1NCCkYBaCLfPK-wiQdvXk2jnHsTkcp2FHm7z0bpzTVPMDzhUd7TETo-8pSBtQEYuCxViga1ZwTfdPGi64JxlF4Tksw16kExTWEqkSCFdQp9fs46CUroYJx52AyAQG8YP5Qk5SuIXiBW5sSKKoceRpqwQ7N1ynJYAFGOqtaQZx3ihUhXNn-PifcLNnHW5VPfMklVPLSZrV4BoUN_SqNXFTnHMf3ybTKZH79fScyAaWxj3F330oCZM4ru9KOCsQAB9r97zU7x-n79oBGsymvNmYRnIOCzrbVqxck6Hv0pSaAaCzaEhHNBI3YPMbHT3kb0rKj1_bqMuNOWDkJsHrNiwXJGFrEBtRKG5grGPBfk1EGKxlRv0EkaiViJTjpvCYn0xT5lKiQrjg8N9w9Bn-1RCHHRLKQhz1eKihEYXrkRNfqyakQNYUDLTcZG2Q-Vq4DC72Chj9IW9FlLKHnIgDPGpUFc4KCAZ3v-jgeQ-Zk-MUWjfmFWT3qX4KxDa_SVyBFA-wGYbpqjdYckIUPV98RjHcyDgZzvJ2Cd93h3ltHCxpjFA-vb2Pic_9wyLZef0aI0rINLVuIManloaefUkH5b5luYiqXczZ9Excvh-IaALkAEhX0ORe7PbFBIumEQ_S14EcaKc8ziDQ5k5vWQkl53Flr0124N2zYRBzJksjzqjuYchLQC-rVVXy2-RXRuStoxuRllNfdpUyAl-HPJDrVreo_H-V7RySXeOauFpUhRkJEOsaepeKPI3xgJfl_p_3tyYegQDF-eX-tgdntMAZhSqjLWucVlkpfJ1BhAWbvj8HX11LHJyD0fVMnQX4kxOaz4BkNJbNSQV8pYquLrbhCcR4jHbwtb8ajDq4_OV_GDKLc_MhpkdSIl7-4yFXZGQAkX8VjKu6m_pNZnUOfHHR-JEusBg0VRZ6L5M1EP3krS9BNByQ6AqcVO0hQZRoRn-hcjEpCc1QHAAAumuOwq9noJAeyjiOUlTcvYaw8yqtbMtQXqIooOL8bTEQamCAM-qjO_ZTW7zhXFQcxRXwXlOZMLrCNgWoQ6Vf9YlHvRBlrdxrvPS6js0wbrHsfENdKswiGhLDwJ3Dv88UlRg0VWSFTh-WU1nYtaJ9DV2iQNFWUZC1yb57gXcbOVVYPpoYj-pljHDrxonMZRrMjg3bcnNf64Q-mOTkAvwxSfv-hLQM_SNSaLPs29haJxGA6YPNY4MWM2ExTXYNOeWB8mLCTT7QM4vFtbPNv8ekG_aZjGyIdpds0Fnpod9DLk18rZhZunRfQ&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fma9ngon.xyz%2F&ds=l&xdt=1&iif=1&cor=12273155403987284000&adk=929882888&idt=243&cac=0&dtd=3 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cfc23714c8705039806ed8dfe496be2b18378f927d6c0012e4a9451ef68923f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42454 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	default.css as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 1B18	115 KB 14 KB	71ms 68ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1gmvre5tk608qy4dnf12dndcehhgpw5dtnxqapm4zrg0501tfmtxyfvz8meehc1ewzsab1xwwb55e8rw5ajgfn7s2xp3b03akmpp8ccav82fzhd8fzhyw4cvey99vpjjht42edb6e16ndzeqx2f085ggswzazrbe1q3x5cfxbgye8746sryp92jbddhgcgn9cnrt0cqjzgstcz5q9trm0ea297jfp5ergxd5kpfwmxmqts31qsnh94x8zwyzcwzxvmmp775jgjark7vy5y8gtjt5dt62dj8xc4jbn5r27qmpk8hvn32xckfmnmmee3x7gs4628wsy44dr6ktdfj5e7ce5ffh4q44bmd4pv4dfd0v051k79jv4wd6m4r33swd7zad13xawqhvydt30ky83ptep265bj648h94crad9weew5wy066751sf144deasykja38516&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%26client%3Dca-pub-5153190283126579%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1gmvre5tk608qy4dnf12dndcehhgpw5dtnxqapm4zrg0501tfmtxyfvz8meehc1ewzsab1xwwb55e8rw5ajgfn7s2xp3b03akmpp8ccav82fzhd8fzhyw4cvey99vpjjht42edb6e16ndzeqx2f085ggswzazrbe1q3x5cfxbgye8746sryp92jbddhgcgn9cnrt0cqjzgstcz5q9trm0ea297jfp5ergxd5kpfwmxmqts31qsnh94x8zwyzcwzxvmmp775jgjark7vy5y8gtjt5dt62dj8xc4jbn5r27qmpk8hvn32xckfmnmmee3x7gs4628wsy44dr6ktdfj5e7ce5ffh4q44bmd4pv4dfd0v051k79jv4wd6m4r33swd7zad13xawqhvydt30ky83ptep265bj648h94crad9weew5wy066751sf144deasykja38516&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%26client%3Dca-pub-5153190283126579%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 381567 cf-polished origSize=118430 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 02 Nov 2023 10:26:17 GMT server cloudflare etag W/"486507ccce9ac587d11c0ef3f32a109a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzBAjjMDWtoGSKJ5D%2BZkOg1s6hnGvobw54MyZr0gVC4h9f3Lp7%2B6Or1zpbHf%2FVUaLLqioGukFsVzUhH8i59I%2F5nBhWr1CjZsgmn9WkYteydmk%2Be1CBls3qfps%2FK9hq%2Fp0nTMfnNnGeo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=86400 cf-ray 833f2bcad86ebb83-FRA expires Tue, 12 Dec 2023 16:40:43 GMT
GET H2	200	r62eglto.js Show response ad4m.at/ Frame 1B18	24 KB 10 KB	81ms 55ms	Script application/javascript	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1gmvre5tk608qy4dnf12dndcehhgpw5dtnxqapm4zrg0501tfmtxyfvz8meehc1ewzsab1xwwb55e8rw5ajgfn7s2xp3b03akmpp8ccav82fzhd8fzhyw4cvey99vpjjht42edb6e16ndzeqx2f085ggswzazrbe1q3x5cfxbgye8746sryp92jbddhgcgn9cnrt0cqjzgstcz5q9trm0ea297jfp5ergxd5kpfwmxmqts31qsnh94x8zwyzcwzxvmmp775jgjark7vy5y8gtjt5dt62dj8xc4jbn5r27qmpk8hvn32xckfmnmmee3x7gs4628wsy44dr6ktdfj5e7ce5ffh4q44bmd4pv4dfd0v051k79jv4wd6m4r33swd7zad13xawqhvydt30ky83ptep265bj648h94crad9weew5wy066751sf144deasykja38516&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%26client%3Dca-pub-5153190283126579%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:44 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 Nov 2023 09:14:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 458756 etag W/"aa3e81d21ff1f0e18f4862e53a794952" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnoddrBt%2FjYpRyOCcSrTgv49FhImmumnlVT%2FXFtfL8lShh%2FvgPRLdY%2B2vuCyXZYITKJ%2F3EVVfeK4ZuyO18CDbW28%2B1da3C%2FTYs3cn5wHnxKfUN2QDVZx8mKOJP25XncCrtvtdKA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 833f2bcaf899bb83-FRA alt-svc h3=":443"; ma=86400 expires Wed, 06 Dec 2023 09:14:48 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 69CC Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	58ms 57ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:44 GMT expires Mon, 11 Dec 2023 16:40:44 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:43 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame ECD0	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 31dcfd1574c5d332a73e718f37c58eac8dc6105a87692072ca4dfdb2f76cac99 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame 56B8	35 B 465 B	184ms 48ms	Image image/gif	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEQ6u9y2IhSwS_5zsGt1MWY&google_cver=1&google_push=AXcoOmSYpNnQoSeY-qupwt9fuaLKiaQAwe1xItgkABYAVTgvCbHBAuL8e4msC1yhXiNKte44DYsBWD5N5qRIC28giHEEPdHb3WXRLQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame 56B8	0 104 B	205ms 75ms	Image text/plain	2a02:fa8:8806:13::1400 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELwy2yI0cIBj3bR-TwT7MjQ&google_cver=1&google_push=AXcoOmSOarlqwaHsqULYUByKiZQbmf-_U1Ss6gyh-EpZV1kOIfpS00cD5WlQ6lMTdFjS3MY9GGzUxYZYCeePradq0ugFSb5mZHimSw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 56B8 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAt-Xu3D4cjL9pvXDQfqZxM&google_push=AXcoOmQD1Ldqd31DaPnw3Z3kJQzCkxOIQzihY-fdeH-bHLQKo7txzOvWbx...	170 B 188 B	50ms 49ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAt-Xu3D4cjL9pvXDQfqZxM&google_push=AXcoOmQD1Ldqd31DaPnw3Z3kJQzCkxOIQzihY-fdeH-bHLQKo7txzOvWbxbRUB-HXCwmg6uKok6g_efFneBbDv1w4I7OtwtzqXd_8Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-fra-eddf8230080-FRA pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1702312844.257934,VS0,VE94 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAt-Xu3D4cjL9pvXDQfqZxM&google_push=AXcoOmQD1Ldqd31DaPnw3Z3kJQzCkxOIQzihY-fdeH-bHLQKo7txzOvWbxbRUB-HXCwmg6uKok6g_efFneBbDv1w4I7OtwtzqXd_8Q cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 56B8 Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIJzADwWmL_aZ0ORoaPGC1U&google_cver=1&google_push=AXcoOmT0zYGLeRPlOcri2DNEXhYfz4s8kq9Z_vVOJUzcakvs2o1Nv1v8e5jyTbUFY4coiQvFiMyyLrgVP_0... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT0zYGLeRPlOcri2DNEXhYfz4s8kq9Z_vVOJUzcakvs2o1Nv1v8e5jyTbUFY4coiQvFiMyyLrgVP_0J2lmR5dwHg59tnaVLRg&google_hm=F05VI8rFSkWQpPm1ek...	170 B 188 B	51ms 50ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT0zYGLeRPlOcri2DNEXhYfz4s8kq9Z_vVOJUzcakvs2o1Nv1v8e5jyTbUFY4coiQvFiMyyLrgVP_0J2lmR5dwHg59tnaVLRg&google_hm=F05VI8rFSkWQpPm1ekdVRGk Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:43 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT0zYGLeRPlOcri2DNEXhYfz4s8kq9Z_vVOJUzcakvs2o1Nv1v8e5jyTbUFY4coiQvFiMyyLrgVP_0J2lmR5dwHg59tnaVLRg&google_hm=F05VI8rFSkWQpPm1ekdVRGk content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 56B8 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAQBFZ4DieFZlNvUxoYr39A&google_cver=1&google_push=AXcoOmQJ5jsR1lphsqajabGuHlG55gRmyGWmF3kNxWL5Er5VsAKEG_9vNh6CPK4pYYdasqJFMLjzjfYH-xZyBS... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTM3Nzk5MjU0NzE3MDQ1NQ%3D%3D&google_push=AXcoOmQJ5jsR1lphsqajabGuHlG55gRmyGWmF3kNxWL5Er5VsAKEG_9vNh6CPK4pYYdasqJFMLjzjfYH-xZyBSc-7J...	170 B 188 B	54ms 53ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTM3Nzk5MjU0NzE3MDQ1NQ%3D%3D&google_push=AXcoOmQJ5jsR1lphsqajabGuHlG55gRmyGWmF3kNxWL5Er5VsAKEG_9vNh6CPK4pYYdasqJFMLjzjfYH-xZyBSc-7J0vGxZdTtCvFA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMTM3Nzk5MjU0NzE3MDQ1NQ%3D%3D&google_push=AXcoOmQJ5jsR1lphsqajabGuHlG55gRmyGWmF3kNxWL5Er5VsAKEG_9vNh6CPK4pYYdasqJFMLjzjfYH-xZyBSc-7J0vGxZdTtCvFA Date Mon, 11 Dec 2023 16:40:44 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 56B8 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKkUE96DOzVq8FPd4ZMcnVE&google_cver=1&google_push=AXcoOmSWYc05rJSwv_gjFVBqttHqR_UCRSVB0gEW0In-5nnaa4eQMcFqz2gMvhZWN9KLy6PvVbPDusOi... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKkUE96DOzVq8FPd4ZMcnVE&google_cver=1&google_push=AXcoOmSWYc05rJSwv_gjFVBqttHqR_UCRSVB0gEW0In-5nnaa4eQMcFqz2gMvhZWN9KLy6PvVbP... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzExMTU4NzI3NDI3MTk3NTg5OA&google_push=AXcoOmSWYc05rJSwv_gjFVBqttHqR_UCRSVB0gEW0In-5nnaa4eQMcFqz2gMvhZWN9KLy6PvVbPDus...	170 B 188 B	51ms 49ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzExMTU4NzI3NDI3MTk3NTg5OA&google_push=AXcoOmSWYc05rJSwv_gjFVBqttHqR_UCRSVB0gEW0In-5nnaa4eQMcFqz2gMvhZWN9KLy6PvVbPDusOiExqd0ApnuccQn5XBsu6MAg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzExMTU4NzI3NDI3MTk3NTg5OA&google_push=AXcoOmSWYc05rJSwv_gjFVBqttHqR_UCRSVB0gEW0In-5nnaa4eQMcFqz2gMvhZWN9KLy6PvVbPDusOiExqd0ApnuccQn5XBsu6MAg access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 56B8 Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENG1a5-zqbNbvW1yD9VwEzo&google_cver=1&google_push=AXcoOmRY8q4V1bEIi7NpXEHn1LAjZyRAnedV_lRdHevEF8eDEypmnHC4hO9Q6-3nbYrxID2FmfLQIliEKuaz... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRY8q4V1bEIi7NpXEHn1LAjZyRAnedV_lRdHevEF8eDEypmnHC4hO9Q6-3nbYrxID2FmfLQIliEKuazUzHPtDyPzymz4lp-VQ	170 B 188 B	55ms 54ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRY8q4V1bEIi7NpXEHn1LAjZyRAnedV_lRdHevEF8eDEypmnHC4hO9Q6-3nbYrxID2FmfLQIliEKuazUzHPtDyPzymz4lp-VQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRY8q4V1bEIi7NpXEHn1LAjZyRAnedV_lRdHevEF8eDEypmnHC4hO9Q6-3nbYrxID2FmfLQIliEKuazUzHPtDyPzymz4lp-VQ strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 56B8	0 59 B	60ms 57ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KopXO0x-Jfb1Zv8idMcns1ajD1VqZb-6FhB1NjBCQWor8-xzQy6Nm0rtnm3GS4wlbwp9so Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame 9B11	222 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 141d9947957fbe29cdcfed59e79344ebb7a9de1d7e190c9cf3e3542459c2d15b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame 5AF8	0 103 B	99ms 76ms	Image text/plain	2a02:fa8:8806:13::1400 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPbYCzPCS_3xrVO_1ddDPgg&google_cver=1&google_push=AXcoOmRdNumEsPKxMW1KVjqDiMVHWyf1PKWVBoO0ieCstoVYZB0y158FYpTg69PywilsfyEAdY1uRnf0p4P4vSFQM90-U0k_CbCk_ngUk9tWQABgCH1lntVhfe6hhma-u0K_AdnHNgNMoP8DejafODS1fItTGwE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H2	200	i.match s.tribalfusion.com/z/ Frame 5AF8 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEC7JGmKEpKBbgWSvH5zC2Zw&google_cver=1&google_push=AXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0ka... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC7JGmKEpKBbgWSvH5zC2Zw&google_cver=1&google_push=AXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0...	43 B 418 B	210ms 208ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC7JGmKEpKBbgWSvH5zC2Zw&google_cver=1&google_push=AXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0kaDO2BON-nXV0kM5bjaDwliqRAcij0iDST6lfL6rgiR9Sw3akNpIXwGwPyqA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0kaDO2BON-nXV0kM5bjaDwliqRAcij0iDST6lfL6rgiR9Sw3akNpIXwGwPyqA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 833f2bce4d0c3674-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 264 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC7JGmKEpKBbgWSvH5zC2Zw&google_cver=1&google_push=AXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0kaDO2BON-nXV0kM5bjaDwliqRAcij0iDST6lfL6rgiR9Sw3akNpIXwGwPyqA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRhPL2aK7HUGm5etVEVySWB4liKx_joiCA-DRCK0mHlWFqa57t54kegza4LYlJyBnfhV8IklosELWklX891YZkKgfLqWO0kaDO2BON-nXV0kM5bjaDwliqRAcij0iDST6lfL6rgiR9Sw3akNpIXwGwPyqA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 833f2bccea953674-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5AF8 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELcTHwrpqSKQKBuxfa79nMU&google_cver=1&google_push=AXcoOmRvesqF-Hz6DmbLPgPTr5yJ2vMz8vh6oKiLFevJ5vHSfvOBAhK13UGEPP_5fpQjfwS2uq3Bo4fS... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELcTHwrpqSKQKBuxfa79nMU&google_cver=1&google_push=AXcoOmRvesqF-Hz6DmbLPgPTr5yJ2vMz8vh6oKiLFevJ5vHSfvOBAhK13UGEPP_5fpQjfwS2uq3... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc2OTU2MTY2MDcyMzAzMTg2NA&google_push=AXcoOmRvesqF-Hz6DmbLPgPTr5yJ2vMz8vh6oKiLFevJ5vHSfvOBAhK13UGEPP_5fpQjfwS2uq3Bo4...	170 B 188 B	52ms 50ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc2OTU2MTY2MDcyMzAzMTg2NA&google_push=AXcoOmRvesqF-Hz6DmbLPgPTr5yJ2vMz8vh6oKiLFevJ5vHSfvOBAhK13UGEPP_5fpQjfwS2uq3Bo4fSfVff_ywk_kGyVonb2n5m-gukEORFWrvSB2xVa64ZE6AAuepd1NcH0Wsw5-3SSaM0m4fX22jX9zO_OrY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzc2OTU2MTY2MDcyMzAzMTg2NA&google_push=AXcoOmRvesqF-Hz6DmbLPgPTr5yJ2vMz8vh6oKiLFevJ5vHSfvOBAhK13UGEPP_5fpQjfwS2uq3Bo4fSfVff_ywk_kGyVonb2n5m-gukEORFWrvSB2xVa64ZE6AAuepd1NcH0Wsw5-3SSaM0m4fX22jX9zO_OrY access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	trk ag.innovid.com/ Frame 5AF8	43 B 296 B	181ms 46ms	Image image/gif	2a05:d01c:1d8:8100:9449:420b:1a77:b906 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMGcFYUc9EAfxa7TFIrb3A4&google_cver=1&google_push=AXcoOmTFIuhYdApse8ib-qBtOXCR3wW1XMO-kefs5H_gEcjorR3QtrNsSi6oYO146MWua4ZiPFxHBRC2d1j63Cb6Azpsa-Twn26c3G8ezKOi6nuHBSufQtunUwftxfRdAegwzg5xYDnnp7E4QCnJbXPEsnXt_6U Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8100:9449:420b:1a77:b906 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-type image/gif pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT cache-control no-cache content-length 43 request-time 0 expires -1
GET		googleredir googlecm.hit.gemius.pl/ Frame 5AF8	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5AF8 Redirect Chain https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEE3YbasIqj2xTehJP8gsckM&google_cver=1&google_push=AXcoOmQ50j39_oNssdpKA_1NJL2X2zsYXJ51YErlCBiKR981fKb-V-iOMnRbK2E2p7... https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ50j39_oNssdpKA_1NJL2X2zsYXJ51YErlCBiKR981fKb-V-iOMnRbK2E2p7TPIcHB_yMRugGlYf0vS9K9qOQHYAX68Jn70WDX73Jie1S3P-...	170 B 188 B	50ms 50ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ50j39_oNssdpKA_1NJL2X2zsYXJ51YErlCBiKR981fKb-V-iOMnRbK2E2p7TPIcHB_yMRugGlYf0vS9K9qOQHYAX68Jn70WDX73Jie1S3P-ao3SO6NjU9cqI9NhRDJyPQvaJBMm-QC1E6ODT4MFOaLgJX&google_hm=6NIAOD88TgmvAYiEBoUw4Gk Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ50j39_oNssdpKA_1NJL2X2zsYXJ51YErlCBiKR981fKb-V-iOMnRbK2E2p7TPIcHB_yMRugGlYf0vS9K9qOQHYAX68Jn70WDX73Jie1S3P-ao3SO6NjU9cqI9NhRDJyPQvaJBMm-QC1E6ODT4MFOaLgJX&google_hm=6NIAOD88TgmvAYiEBoUw4Gk content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	report sync.teads.tv/um/ Frame 5AF8 Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECqn4V2Rzvjo... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRYQsqSb8v4r5BpNjDyUibjK1Fa5MFB4SFT2xjS2MzXNewEAMt6IXNUmkxdIdsznj8RCzi11gw1MKFjHW6wqwnWArZK1hhlKBZWv6ZAiwC2U2v1T... https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	82ms 80ms	Image image/gif	23.35.225.56 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Server 23.35.225.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-225-56.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers expires Mon, 11 Dec 2023 16:40:44 GMT pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 5AF8	0 12 B	49ms 48ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqR783qstBGn-cXlsTQtMRZ7fyrAWIEpLO_nwGxtc0oZPEEVutA725hlrSyXEwG_bfEFTYGLhT Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:44 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1693932/75440260/ Frame 9D44	46 KB 12 KB	247ms 104ms	Script application/javascript	18.203.142.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1693932/75440260/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015017342&ias_pubId=pub-5153190283126579&ias_chanId=1&ias_placementId=20811529347&bidurl=https://ma9ngon.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jnzgKjZuaibVQh1kKOfLi2 Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.203.142.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-142-28.eu-west-1.compute.amazonaws.com Software / Resource Hash 62264ba711d1447496a4667e39c3b1fe7b069c6b6cb9f2886216cfccbac99cef Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 9D44	111 KB 39 KB	138ms 44ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 20:46:39 GMT content-encoding gzip x-content-type-options nosniff age 71645 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 11 Dec 2023 20:46:39 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 9D44	11 KB 4 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DE2HTogkTPv_Fv0T47TH6UKdIAhmW7nqFif3iVbZVU11HE_xHOiIcE86Y-0UeeirPYC_GrdRZEQ2K56VDLvrOkH-dPp5aVa9kY6P4my4JOtZdbs-Sho59lZUcoecY_dp07g06kAGr_I0XaqI12wlLnssd1Nq_7Wr56HTEZ5JDL58MWRG4&dbm_d=AKAmf-CPSgRWfBLcrt5sxsfPZZOLiZp_GZRLUuZEjFHJKJH5d9Sa7p3ETwcEhpUf2MqoRIvxDQLFYaUY9eWDo-UMJc41zeYkKDujloV2-a_W67_QymhnMSsM2HJ1T9JaHMqHBNCdd8kBo5u6x63yW9rz44hELMYJTmp9fhlQCeCKX0hlSax-rjtVcCg90UPtwsLSAYxYEaEUaY-ReZ8m-F90LwCsr9ZrLOvg0_F-50YRH1WHBKlRPIMGQhE3VcQmmzlCzxCTBKmmMZvCvB_RMwv7YZuVapUF8NP8EAqcBQl5VU5jcTHn4BXGMJawiWK6ZbSadUGiG6rLhKp9BkqP-RvwL9IPjXbvGXHMaCvbsw7NpTzzOwy4jiBF1TM2zbLUFtx7GmMLPn656CQ8Fubo6jtl7RAMHti2pSTBVVOd60f-IQDIRDOjfBAdxEfSbmIxyiDHfVklyMrTI2lMxshcNnGc0xjGm7cT7ntbO4OO5GzzrvRk6uKOi88w97kdCAvv1VuzdebMtckx_iJMIXSUDQie6BOHKl9hRvtApjRHVhhWIH5cI9zOT3j3nysmU4Sl71RANm4qGkE_AoE-YQ7hVl40wnlkM91O5JPuKolPQytpHRPD1pSjVHivk3UyfU4Y91OLt0VH5c-X56-rsSCtxLWdIrFfH8keaOB2WT-bOpF2aLYkFqzpA0MTL4mWdT3V0xZ51Xlso9sF7-zivhc1u7ZG4PgW7P-sO1y80DCsrySw2ZDmC6ru_PSKYZqOK_1sDHWaaysVjHTxZhmrrvvOmOYOqTjCtsrA1XXZgcUMcja7vnY50c2RsG87W8ZeLd3vyVutNL9_ZP94aXdLk3XdbUCGIGzTJp1SPblmrWqK5wvTFjLXYUqXIyDau05DWoG8nWwKsGxuNB9c7bGRW4HLL2A-mN3AY3429yzl4Xisd3tb0yVKgdTbQemOqMdPgaT7lmxLYO-y8s3cXbjLtO2zUdiZpNE1VUHLyqQDrR0kOJJZS4ns6ddaH5ol8qNPzgzcglmxZ4b4fg0RKMSsYQzwcyM2p08cvjvc4Ys6Yoz1RMbAbsPvFJORZBq2asjvdqKaqlrJ0Z5zLbn-WfwU2R7slyzJVK_eL9_jTP9N7kFEumcXvskTJE7xxXNSdbfsfJAgPuvXccS7D798SL4Jhtil9ftDJ1bgbT4Qa1836WAmdRLAiA8ngK9Ln0STk6HvgcIO8GdEn_1Zf10-t1W6BShsF590AEKCEFfhB6rDOSheIcaugiqUFTcjVd0dnYTA-R0-HFRopqzPhJadY9LTA7pIoHh_l4KuPO6G1I9RN2BpQmrTKxImMi0-uOg31qWqZAUQ3HgSN4tx4dcP4R0DRcu3IitesQ3nPEaEgGkOuzXwfLBg4zE-DNJjOh4tsFIGVuvT7eR90_TF_D7kjVvhLyqDnI6Fq6E2BEugIA2-N5QegewkUOAKsfX_lIWbBetaDsKlr7ZfXkH5WBll61WK-sN9guc2DMvRUcBugpoG9jM5DnHouQsf38ixl3-MhVxWY-kE6gFszs9vAiY-4sTl7-qv8A6OrZgxeyJtuQQEw4klhLh6lzgUWkOapw2jESiUeb6j1B3khgZRgd3IviSlFzOpb5XZwl2wL76kw_UG7i5gc_PVbUohMeg_ktycFf6Qtk02Q4uQZuR0Rx5bmFJD93v9eHu_0az366eirvYau8Uda2jAYcGAKCO9mvXj2QDApplfO__aAWIhjs09vXYD7xnMcjvbxMPon9PZ7gvI0ZcOReLcChDsS9c3G7GGeXNp0ntg_vGWo7pr7bNzJh-PDCllu3mWGeYhXSriCOee0JoddiUcDAtif2kAXx3E8VPSpFkU-u7gaGAoWMx5JffslZSVet4fw4Th30HmiH3inDSlCanflbY11kY_xpLu5eExOqx2IdGXhT3q8-jSbqFdqU-L_2YY0GNqfZ29ovO8H-1id2MpztLRlDbzamaxIsO-C0qXQxCcW6Jzuk1YEUgJFMxZPSDAb9eYY0oVeebguzQGhP2hUVA7d2vibeG3eJ53XuIBg8WGRIU-VYl-_XMLAY8-REgwe6dzMWMWwDAOWA63yNsCUGoPMBU53DGqNvWW4gGmIhEyH1QrVLRIvKv9ZsWeKeOp2P8ATlrw0h9N8o4uy9lZvNtFz8WuBOVoLa8jp3o9hAB6w666IIlyITOF4OzXaIuyXChp4EMWZHybT4XdDt10dpqeYyFz1bzeC6Agkf0Wslu2dv2OvCxFfBe1jKPDFAAzYsiTS72HA-QibUKUjUvXjGK1RjAAvTete-rRYfT3ldlth9ZwMFK0fyPQQ9eyyW2aqBYioXrt9hVwvShqhCr75MnlPzc-3C8CoraxLS3QHmffIXl88tnJUu8UbGvwTafOJAkw6Yfpsf5Wqlq7HoGsZWlYZNiPturgBBoc0uS6ZINOQGKskBDs8JA0kGvW6G_43O8lNMebhVLOY1Emw4-Z-9X-FfX0OYQUFkv4Kk-ArBNANurPmgXuB-bdjkGn1HSJnqTjPvtoKEkkpLntbYZsEPBA_QDKTn9CTaeza4y0ijH2h-Csp3zPteNcG2WAxB1sc2WqLtK9r2ftunTKUCvaupclMs5oQA0YF_2x25h6rJXgrc5tmpYgVRnqeFpL3zcGfC-37382NLRxwdmwUyG6oP2JMykF2QHxp8Ir-1nhHOgMYbN7GsGgrTZqhgHs0_CriRrZO3cWVKWN1NCCkYBaCLfPK-wiQdvXk2jnHsTkcp2FHm7z0bpzTVPMDzhUd7TETo-8pSBtQEYuCxViga1ZwTfdPGi64JxlF4Tksw16kExTWEqkSCFdQp9fs46CUroYJx52AyAQG8YP5Qk5SuIXiBW5sSKKoceRpqwQ7N1ynJYAFGOqtaQZx3ihUhXNn-PifcLNnHW5VPfMklVPLSZrV4BoUN_SqNXFTnHMf3ybTKZH79fScyAaWxj3F330oCZM4ru9KOCsQAB9r97zU7x-n79oBGsymvNmYRnIOCzrbVqxck6Hv0pSaAaCzaEhHNBI3YPMbHT3kb0rKj1_bqMuNOWDkJsHrNiwXJGFrEBtRKG5grGPBfk1EGKxlRv0EkaiViJTjpvCYn0xT5lKiQrjg8N9w9Bn-1RCHHRLKQhz1eKihEYXrkRNfqyakQNYUDLTcZG2Q-Vq4DC72Chj9IW9FlLKHnIgDPGpUFc4KCAZ3v-jgeQ-Zk-MUWjfmFWT3qX4KxDa_SVyBFA-wGYbpqjdYckIUPV98RjHcyDgZzvJ2Cd93h3ltHCxpjFA-vb2Pic_9wyLZef0aI0rINLVuIManloaefUkH5b5luYiqXczZ9Excvh-IaALkAEhX0ORe7PbFBIumEQ_S14EcaKc8ziDQ5k5vWQkl53Flr0124N2zYRBzJksjzqjuYchLQC-rVVXy2-RXRuStoxuRllNfdpUyAl-HPJDrVreo_H-V7RySXeOauFpUhRkJEOsaepeKPI3xgJfl_p_3tyYegQDF-eX-tgdntMAZhSqjLWucVlkpfJ1BhAWbvj8HX11LHJyD0fVMnQX4kxOaz4BkNJbNSQV8pYquLrbhCcR4jHbwtb8ajDq4_OV_GDKLc_MhpkdSIl7-4yFXZGQAkX8VjKu6m_pNZnUOfHHR-JEusBg0VRZ6L5M1EP3krS9BNByQ6AqcVO0hQZRoRn-hcjEpCc1QHAAAumuOwq9noJAeyjiOUlTcvYaw8yqtbMtQXqIooOL8bTEQamCAM-qjO_ZTW7zhXFQcxRXwXlOZMLrCNgWoQ6Vf9YlHvRBlrdxrvPS6js0wbrHsfENdKswiGhLDwJ3Dv88UlRg0VWSFTh-WU1nYtaJ9DV2iQNFWUZC1yb57gXcbOVVYPpoYj-pljHDrxonMZRrMjg3bcnNf64Q-mOTkAvwxSfv-hLQM_SNSaLPs29haJxGA6YPNY4MWM2ExTXYNOeWB8mLCTT7QM4vFtbPNv8ekG_aZjGyIdpds0Fnpod9DLk18rZhZunRfQ&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fma9ngon.xyz%2F&ds=l&xdt=1&iif=1&cor=12273155403987284000&adk=929882888&idt=243&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 11:47:21 GMT content-encoding br x-content-type-options nosniff age 17603 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 14415875674906819925 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 25 Dec 2023 11:47:21 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 9D44	31 KB 12 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DE2HTogkTPv_Fv0T47TH6UKdIAhmW7nqFif3iVbZVU11HE_xHOiIcE86Y-0UeeirPYC_GrdRZEQ2K56VDLvrOkH-dPp5aVa9kY6P4my4JOtZdbs-Sho59lZUcoecY_dp07g06kAGr_I0XaqI12wlLnssd1Nq_7Wr56HTEZ5JDL58MWRG4&dbm_d=AKAmf-CPSgRWfBLcrt5sxsfPZZOLiZp_GZRLUuZEjFHJKJH5d9Sa7p3ETwcEhpUf2MqoRIvxDQLFYaUY9eWDo-UMJc41zeYkKDujloV2-a_W67_QymhnMSsM2HJ1T9JaHMqHBNCdd8kBo5u6x63yW9rz44hELMYJTmp9fhlQCeCKX0hlSax-rjtVcCg90UPtwsLSAYxYEaEUaY-ReZ8m-F90LwCsr9ZrLOvg0_F-50YRH1WHBKlRPIMGQhE3VcQmmzlCzxCTBKmmMZvCvB_RMwv7YZuVapUF8NP8EAqcBQl5VU5jcTHn4BXGMJawiWK6ZbSadUGiG6rLhKp9BkqP-RvwL9IPjXbvGXHMaCvbsw7NpTzzOwy4jiBF1TM2zbLUFtx7GmMLPn656CQ8Fubo6jtl7RAMHti2pSTBVVOd60f-IQDIRDOjfBAdxEfSbmIxyiDHfVklyMrTI2lMxshcNnGc0xjGm7cT7ntbO4OO5GzzrvRk6uKOi88w97kdCAvv1VuzdebMtckx_iJMIXSUDQie6BOHKl9hRvtApjRHVhhWIH5cI9zOT3j3nysmU4Sl71RANm4qGkE_AoE-YQ7hVl40wnlkM91O5JPuKolPQytpHRPD1pSjVHivk3UyfU4Y91OLt0VH5c-X56-rsSCtxLWdIrFfH8keaOB2WT-bOpF2aLYkFqzpA0MTL4mWdT3V0xZ51Xlso9sF7-zivhc1u7ZG4PgW7P-sO1y80DCsrySw2ZDmC6ru_PSKYZqOK_1sDHWaaysVjHTxZhmrrvvOmOYOqTjCtsrA1XXZgcUMcja7vnY50c2RsG87W8ZeLd3vyVutNL9_ZP94aXdLk3XdbUCGIGzTJp1SPblmrWqK5wvTFjLXYUqXIyDau05DWoG8nWwKsGxuNB9c7bGRW4HLL2A-mN3AY3429yzl4Xisd3tb0yVKgdTbQemOqMdPgaT7lmxLYO-y8s3cXbjLtO2zUdiZpNE1VUHLyqQDrR0kOJJZS4ns6ddaH5ol8qNPzgzcglmxZ4b4fg0RKMSsYQzwcyM2p08cvjvc4Ys6Yoz1RMbAbsPvFJORZBq2asjvdqKaqlrJ0Z5zLbn-WfwU2R7slyzJVK_eL9_jTP9N7kFEumcXvskTJE7xxXNSdbfsfJAgPuvXccS7D798SL4Jhtil9ftDJ1bgbT4Qa1836WAmdRLAiA8ngK9Ln0STk6HvgcIO8GdEn_1Zf10-t1W6BShsF590AEKCEFfhB6rDOSheIcaugiqUFTcjVd0dnYTA-R0-HFRopqzPhJadY9LTA7pIoHh_l4KuPO6G1I9RN2BpQmrTKxImMi0-uOg31qWqZAUQ3HgSN4tx4dcP4R0DRcu3IitesQ3nPEaEgGkOuzXwfLBg4zE-DNJjOh4tsFIGVuvT7eR90_TF_D7kjVvhLyqDnI6Fq6E2BEugIA2-N5QegewkUOAKsfX_lIWbBetaDsKlr7ZfXkH5WBll61WK-sN9guc2DMvRUcBugpoG9jM5DnHouQsf38ixl3-MhVxWY-kE6gFszs9vAiY-4sTl7-qv8A6OrZgxeyJtuQQEw4klhLh6lzgUWkOapw2jESiUeb6j1B3khgZRgd3IviSlFzOpb5XZwl2wL76kw_UG7i5gc_PVbUohMeg_ktycFf6Qtk02Q4uQZuR0Rx5bmFJD93v9eHu_0az366eirvYau8Uda2jAYcGAKCO9mvXj2QDApplfO__aAWIhjs09vXYD7xnMcjvbxMPon9PZ7gvI0ZcOReLcChDsS9c3G7GGeXNp0ntg_vGWo7pr7bNzJh-PDCllu3mWGeYhXSriCOee0JoddiUcDAtif2kAXx3E8VPSpFkU-u7gaGAoWMx5JffslZSVet4fw4Th30HmiH3inDSlCanflbY11kY_xpLu5eExOqx2IdGXhT3q8-jSbqFdqU-L_2YY0GNqfZ29ovO8H-1id2MpztLRlDbzamaxIsO-C0qXQxCcW6Jzuk1YEUgJFMxZPSDAb9eYY0oVeebguzQGhP2hUVA7d2vibeG3eJ53XuIBg8WGRIU-VYl-_XMLAY8-REgwe6dzMWMWwDAOWA63yNsCUGoPMBU53DGqNvWW4gGmIhEyH1QrVLRIvKv9ZsWeKeOp2P8ATlrw0h9N8o4uy9lZvNtFz8WuBOVoLa8jp3o9hAB6w666IIlyITOF4OzXaIuyXChp4EMWZHybT4XdDt10dpqeYyFz1bzeC6Agkf0Wslu2dv2OvCxFfBe1jKPDFAAzYsiTS72HA-QibUKUjUvXjGK1RjAAvTete-rRYfT3ldlth9ZwMFK0fyPQQ9eyyW2aqBYioXrt9hVwvShqhCr75MnlPzc-3C8CoraxLS3QHmffIXl88tnJUu8UbGvwTafOJAkw6Yfpsf5Wqlq7HoGsZWlYZNiPturgBBoc0uS6ZINOQGKskBDs8JA0kGvW6G_43O8lNMebhVLOY1Emw4-Z-9X-FfX0OYQUFkv4Kk-ArBNANurPmgXuB-bdjkGn1HSJnqTjPvtoKEkkpLntbYZsEPBA_QDKTn9CTaeza4y0ijH2h-Csp3zPteNcG2WAxB1sc2WqLtK9r2ftunTKUCvaupclMs5oQA0YF_2x25h6rJXgrc5tmpYgVRnqeFpL3zcGfC-37382NLRxwdmwUyG6oP2JMykF2QHxp8Ir-1nhHOgMYbN7GsGgrTZqhgHs0_CriRrZO3cWVKWN1NCCkYBaCLfPK-wiQdvXk2jnHsTkcp2FHm7z0bpzTVPMDzhUd7TETo-8pSBtQEYuCxViga1ZwTfdPGi64JxlF4Tksw16kExTWEqkSCFdQp9fs46CUroYJx52AyAQG8YP5Qk5SuIXiBW5sSKKoceRpqwQ7N1ynJYAFGOqtaQZx3ihUhXNn-PifcLNnHW5VPfMklVPLSZrV4BoUN_SqNXFTnHMf3ybTKZH79fScyAaWxj3F330oCZM4ru9KOCsQAB9r97zU7x-n79oBGsymvNmYRnIOCzrbVqxck6Hv0pSaAaCzaEhHNBI3YPMbHT3kb0rKj1_bqMuNOWDkJsHrNiwXJGFrEBtRKG5grGPBfk1EGKxlRv0EkaiViJTjpvCYn0xT5lKiQrjg8N9w9Bn-1RCHHRLKQhz1eKihEYXrkRNfqyakQNYUDLTcZG2Q-Vq4DC72Chj9IW9FlLKHnIgDPGpUFc4KCAZ3v-jgeQ-Zk-MUWjfmFWT3qX4KxDa_SVyBFA-wGYbpqjdYckIUPV98RjHcyDgZzvJ2Cd93h3ltHCxpjFA-vb2Pic_9wyLZef0aI0rINLVuIManloaefUkH5b5luYiqXczZ9Excvh-IaALkAEhX0ORe7PbFBIumEQ_S14EcaKc8ziDQ5k5vWQkl53Flr0124N2zYRBzJksjzqjuYchLQC-rVVXy2-RXRuStoxuRllNfdpUyAl-HPJDrVreo_H-V7RySXeOauFpUhRkJEOsaepeKPI3xgJfl_p_3tyYegQDF-eX-tgdntMAZhSqjLWucVlkpfJ1BhAWbvj8HX11LHJyD0fVMnQX4kxOaz4BkNJbNSQV8pYquLrbhCcR4jHbwtb8ajDq4_OV_GDKLc_MhpkdSIl7-4yFXZGQAkX8VjKu6m_pNZnUOfHHR-JEusBg0VRZ6L5M1EP3krS9BNByQ6AqcVO0hQZRoRn-hcjEpCc1QHAAAumuOwq9noJAeyjiOUlTcvYaw8yqtbMtQXqIooOL8bTEQamCAM-qjO_ZTW7zhXFQcxRXwXlOZMLrCNgWoQ6Vf9YlHvRBlrdxrvPS6js0wbrHsfENdKswiGhLDwJ3Dv88UlRg0VWSFTh-WU1nYtaJ9DV2iQNFWUZC1yb57gXcbOVVYPpoYj-pljHDrxonMZRrMjg3bcnNf64Q-mOTkAvwxSfv-hLQM_SNSaLPs29haJxGA6YPNY4MWM2ExTXYNOeWB8mLCTT7QM4vFtbPNv8ekG_aZjGyIdpds0Fnpod9DLk18rZhZunRfQ&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fma9ngon.xyz%2F&ds=l&xdt=1&iif=1&cor=12273155403987284000&adk=929882888&idt=243&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 19:11:00 GMT content-encoding br x-content-type-options nosniff age 77384 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11943 x-xss-protection 0 server cafe etag 4141415479739543000 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 24 Dec 2023 19:11:00 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 9D44	41 KB 14 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:25:15 GMT content-encoding br x-content-type-options nosniff age 929 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 10 Dec 2024 16:25:15 GMT
GET DATA	200 OK	truncated / Frame 9D44	208 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bd6756e0e64c8ec0c20fc767f91b22dc8f707309bd37c2f21e86dc6d7c82fe4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 9B11	33 KB 33 KB	42ms 42ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 06 Dec 2023 21:01:51 GMT x-content-type-options nosniff age 416333 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 05 Dec 2024 21:01:51 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame AA4B	41 KB 14 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLhdsmJVZLm1KrcfTYIZuzgvJxOECYotHtiyWQcxaZGkXXhTgPArnDQTaLsmR51_5_3NQ6klaYhch80LoxvUTfNA0MNzghLdF_6z7VsbUzsBX_FIQAsIbWt8ewuqVbnc2iTl9kutCBPIrYoJQ-0Lew2blX6tCXhPFzL6bHOUoXV9tt8eM&cry=1&dbm_d=AKAmf-AmCRuIppG46Vcr4KxKbEzh_LmFlwgklG3RaLNHqMrpy_uqf6u6EYJtYdBBlYnhX7vg_ZHAXXXKC_O3pkws03wEkoIlbyUqpHYPw4MCWLoY1hRf0pXracShurD3-q-Bnj4rFAJuFKIu5DnVrf7N89DJ0abSE4n6xDQOHhKn7LkF1qFOieGDdJgNEkJyn0rUzBGA9X0SiNwAiW3PsJvCrKxb89A3SD65HjQ1--Z56DKJyo5FhiSM8fAw1hijF7S3TjVWHogoVTNN4q0lC4PU6mjXPtGOH2ytQsop6T_erPoCIBPvFhttuC2MO9Oq7fNP2qxevaHxokv6GTaMvtyano1aeOW1b7kSrkhDNK2pIMxp1_JlhZnlY5LPusLlx30k74j6Fn_2UqGbBrxj6wSqOdsSmd1pm9SLpLyslkxfUow6eecj3meZV-CW35hz2GiiwUbfUCTamvqraHeDxgQNWV0fHvZ9GPKZ5cMCIZ_ecA-rAVmtZtqOgOToPltOBzBdJsdx0aE3awazlj9ObHSZX8wpN1yyjt5BILl3rgzVUV8AO_Ft-uJUtvPbkSImlEgVocj8tshKNLSML4HJEaiFvhQExQ37X2Uc8dbobohMHV_kjyfkqCz2-tppFbN2jOaei0xWVx-pTv26bR1NQwucuXAQ06A2izwjNUL1he4yJYFq51_cKhngTXL6Jhcd3rgxF9gp9iTqwPuhdlrxxT9-yNAPgq_MYkEBsUeopWwnymCc4ADOdEjnaiRxi2GgJdM4yFT-o6iZKHwX8JkLiYhBt27SBUrVHtrPERC1LU5D833s_Egy5F-QmcFZuQ8XsaHU22YwleorSSNay4Fpops7mAAbWdFEXcwzYJJgqaeAC0N0xAWHJ7yKhsYyWKmQaQJduJSeR1VmADQhGLamZ_MTZTFEtHrHlm3S4QFm5NkeSpQB5tSQ2xavcFfAWNTLSqHDKvZxVJ0zZd46fzkwymEfX9Yhrqevi0L3reUEUwiQS1UKkrGRcx8l8u_9qWyhyzESAwRgwDOLnQyOpeYzVyfjxZB8vyyHdpwFqDpGCzkpQXuvHsHyAXNA682H9ZC9OJjs-zM2EfTz7vmRVarLHngdlgGEjMr0dpwL4l2laX6qlxMhVuk3pR2c3Uy-UtKnnVbnrJZ5KnmNnSwntWLmSnJS3oc2U2t5cl-d2VKXClzy4PKrgA8iZ10FbcQfuMfb13L7yWY8NgIa7ldXFVCXUb89lJHca8_iJg-nrOITZKQ8tRQ92bpudoStalqwozRbjdANmwj6r5QJAiOcwYXtydDRdCJ8Uu9AliTJbQbcLNngHHRtRePk8kmvK3LiOMMzWKw-VEeUqp5F1schce0MzFAJMSF4XaWYfDRXLgA0_VAnVEFdZAgxXmJ1wqxGHG2JKSO4S2VHfxnhUShmpGfr0QE7ltSZI4iw97qib708xvQfZ4z0eMyEZG05uWqxPkVvZJI-dvJxHTNAI7ZeIROA-GtTj2GLwID_bJQju9nkFREVNtHw2QD3xjLY58RTMxsyPM9zq4R54aVeQrjYrNlsg6imAjywYnTOE8fLxL_sr5cTLVyr0MDrrhH-7LTIaJzNwjrM-UfNSA_sw_6Asoy_Ev77m7juYH-OEN7SlP96WMISgNr8iSy9INtLbUDZxU51Q6UkaF6Xdv8mbszDcywk1nzi1s8uw1tBXIaghG0zam9yFUMsIAb8RftK_rj9v4kbdOs6Rw7I9lBwvyVrSUGibohc3xLjCjT6fLyuk3pys3Wlz1fAlQfKmi_BnVY23A1EEX_6YsS5-j_JxB_gqy5kZ5Www9k-Wvkn3h5wgMAddRlKJfqodE578iP_1oer6SvhbRYLz-7e-rnaF9lXO5yrLiK_YMCmJUmC6JKrfN62-GrvQgjwwa1tNqlxklentauLZ1mCyrqRydbFDvvUvJEF5iEAAz3BSFERIoGXbS99oJ1TboNt0oS1U8wNdc4X4hYgoKtCol1vH_qperx6JpKhh1oNB1hAoXLdifV3z4NdRY_hQcPlLSqhuSm5IAMr38qCbb5UO1M6stc7KLaEyQzkTEz-oCWUnTWgiBicycX7nlN3NFeS1LK7SvYox0LugkffoPWGd8Iic9cvIyHeY5tiNHJnbZWtHFQY4JsL4ejx8xZmxaGKEF6-fBALVaqhuNt2zb-K6HWEMwHc8JQmWW2gvW7UHEK-nQGzHa_OiBgqGtY7xej_B3iDpuZXIrUcAAMa4ieLR963FuALZAabYD4TFIr8R4rUjlaGJHVEngtOjkBecErYQBI0xVACLyqKBjxDp1Ja-lwK1gtL4h-sCQIT1M3H5srXcwSriPe3-7AEl_Oasn7xwpB39CUfZV0HtdQr9h-JOrsG2A33hkNuWKHFr8ye5rB_sEqqrdcS0QJb2TXEGK5NB6bG_ydgbicZ10x2AU7wPVizbhwIXkNfjKVjC8jVbgxs6zz8ipuQkuFcBrwyeY8-Urlz_PZ6vRbVhI2BTeh2RYPo5DQ_nf0gEKSuj-Dbd0jzWw6DXEFejn0cWEvewsakNAEVIirAdYfH0FQG_wRXxo8iiI3WQTElEsE6ECHsOSl_V4buuJZPC9vACaJTpLI6DdXB0Xmd4o4alL5LFvJBDPJ8J8FyfPXluSLJs8XG34KjHs5PNARabvhmdfvPw2zIj_dBpd5-x-Tk9auSTiPO7cOw2rA4pKad6koghUiGhZLQGWu_kNrmUp4Jw57gY0R6ZW9Z_yffCBGLsCCqhqBiTNqbNnzTrKHWsQFyAKChKlr2n4Rbh6R6UJJXIFanTQE4jsyDByFHU_9xv-N1O7T_Fp_HkfuxpGj1dUouwmWMH70UlgFhCKKGniCTOU8zoD2Ds-o8-Eus9ixYYtFbObMcS60ODjTfykq8oqIOibhheGxf935K4Vb8DuUfQ96QuTuSmHxWCaUQ54Gdeiyur9qXThASZTZPZV7-OWk2ML0oqlpQzfM1jzB6sVJl-qnhZlsRQELIxnd8qaemnPPNRRJvUNrGVYDUCPQDHBHY0hjUGG1siCb2IlpNP5wlNJaxXOWgZUlt__jGT_SFGyi8QbaxyDlGTbSMhosjs2Gy7Vv3PhmGMCY4DhaCKKh-j71ySJjMS0UwFLPZAB9aC9oAPOoMpNcZjkIAnpVFR-xkEadZ2D045443kSNTEs357mjhUcB-mCgIvRZzC2hLZLKKj-E6zl1cgIEQ4SYkOd84GL66QdHztn6v1FtkuFEEw1f7d5wvp41i8Tx4JY_43PHmBcJcnh_lJ_tQ0Ac3DU2gyzsdRa4aGp1SJ5ODL2l0KQh2K1M7h-K66Y9rVt-Rfdjrqy9AEXTFzQmr_ocpYoC12bjagnBein51Z8bZU07qxOa-BOBbsPMsdBclNYYgTPv34EkY-IXIIJZq7xAfP2lHao2ePk6FQl72_YO_pI6sOXiTIvXR-skvKEF7seuMHOCyCom6sRBdlvnJxxbwZFtjrBiCkw2PKRu63UgIX3wE-rTBCXx6XfTzhYeypmWY-gp9_8zYw7DKTDttROBBMq-IRth1UuPRwPzlVxRnS9Mm9IDErqjtNSJ6W23BeUgMEe3-cfW3ypSfWR0LTtSp_UBDsNmY31sWFEUI6HmsCbapUzUOFK_IJVY5Cb9vXBOVSZx0krx1Rw2EbU-AvyHeZ82mH53vmmQWxuW4mVHVuOZRLm0YwAZP3CXgatcfUBtvrcmtix6ZNVgB4DXxhF70b7J9iHa3dYlGcgHq2slw-IsGSz8Lioj-JDTOZWiqThkuk30z_i9MiPlUkmtXdu94Lg0FIakxPU14ZAC1qHpOe9pw7n-oGmYmRNxG4TMeT41HZ2Eg1nerjYxv58XhTJ8xsCgyPT8a7hEWeBjxPDdbcGBVma32eawDQ8i6gh8zSj3ZXjtyVwVpq7ApBX7ktrbJLZqlocjrZSvb9cT93pCN1pzgY8X5mRNUVrmVHLGa_5mIv7-XtfZPvS65J-9_CUKQToK6qOSJzALwlLX25l-b6IOiH7kcKwc_LbgymSior2xztN3EUKctwm4u0ZIH&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fma9ngon.xyz%2F&ds=l&xdt=1&iif=1&cor=2907944179522641400&adk=521587873&idt=135&cac=0&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:25:15 GMT content-encoding br x-content-type-options nosniff age 929 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 10 Dec 2024 16:25:15 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjMxMjg0Mzg5NTM0NwogIHNlcnZlcl9pcDogMTM1Mzg4ODA1CiAgcHJvY2Vzc19pZDogMjY4NDU4NTcyNQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0... ad.doubleclick.net/ddm/activity/ Frame AA4B	0 867 B	176ms 80ms	Image image/png	142.250.186.102 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjMxMjg0Mzg5NTM0NwogIHNlcnZlcl9pcDogMTM1Mzg4ODA1CiAgcHJvY2Vzc19pZDogMjY4NDU4NTcyNQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMDA0MDg0Njc0MTc2MzM5NTg2MQpkZWJ1Z19rZXk6IDE0NzA3NzAwNjcxNjU3OTIwMjI2CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0xMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc1NDM3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTY3ODcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0xd27808e55bf7b19a0000000000000000","13":"0xddae7aebe1866baa0000000000000000","14":"0xd2194a21798b11530000000000000000","15":"0xd1ad010edcdfe3e30000000000000000"},"debug_key":"14707700671657920226","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"10040846741763395861"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	33lgkyejwpt3 Show response hal9000.redintelligence.net/zone/ Frame AA4B	11 KB 4 KB	131ms 40ms	Script text/html	138.201.63.145 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1702312840862010&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.145.63.201.138.clients.your-server.de Software Apache / Resource Hash b2c4c2cae6c0dc8fedd2b9e1ef866018c8d61235ab84c954910a7335d5d30079 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Mon, 11 Dec 2023 16:40:44 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4218 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame CF3B	0 20 B	78ms 78ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKDRArIQAAAAAAAChAMAQKDRADIQAAAGhm5nRAMAQKDRANIQAAAACAmbk_MAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAuQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAA8CL1QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAwM9N3QDAEEhpDTG15dE1IcGg0TURGVDRFLVFBZGlZSUUxUSIqaW1hZ2UvaW1hZ2VfdmlnbmV0dGVfdHJhbnNsdWNlbnRfdjJfbWVyZ2VkKCM= Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 0337	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7bc7d2acb2a64f0e37018a0ba53f3124377eb37aceba1e38fa586b9b89410a5a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame CF3B	0 20 B	76ms 75ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKDRAUIQAAAACwgPVAMAQKDRAVIQAAAAAAACRAMAQKDRAWIQAAAAAAABBAMAQKDRAYIQAAANDMtH9AMAQSGkNMbXl0TUhwaDRNREZUNEUtUUFkaVlJRTFRIippbWFnZS9pbWFnZV92aWduZXR0ZV90cmFuc2x1Y2VudF92Ml9tZXJnZWQoIw== Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame 6272	51 KB 19 KB	41ms 39ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 237499 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame C51B	51 KB 19 KB	43ms 41ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 237499 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1B18	350 B 906 B	193ms 76ms	Image image/png	2606:4700:20::ac43:444e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1005901 alt-svc h3=":443"; ma=86400 content-length 350 last-modified Mon, 20 Nov 2023 11:04:04 GMT server cloudflare etag "e7fc49b61cae983db8c3a1dccf923b93" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7j26ZZ5o3Cm9dksGfFE3%2FABiKf4WG4V9RxL4lQt3PXhMs1CBxp6lneEt20gG9OKYBxP96NawyYUWUPlRZEKtgZagT1puPD91vrcgXQzCdXg28LH3x33fwIBK8tfWg85L5yUZYhl9s10hKLDE%2BtzLsJO"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 833f2bcddc381cc5-FRA expires Fri, 29 Nov 2024 01:15:43 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 0337 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=Cmj0GiDt3ZbvONL6I5LcPiYWSqA3qwO-XdKTp35LjEbfLor3AARABIIG5g54BYJWCgICYB6ABqt7gsirIAQKpAjnAzZhXYD0-qAMByAPJBKoE8wFP0Ba4UV_eCtoYfFvyiQhRvxt0bxvUO75... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215534720936274628415%22,%22debug_reporting%22:true,%22destination%22:%22https://zeon-mobility.jp%22,%22event_report_window...	0 0	76ms 74ms	Fetch text/css	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215534720936274628415%22,%22debug_reporting%22:true,%22destination%22:%22https://zeon-mobility.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211380731690%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225433047691999926785%22}&andc=true Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"15534720936274628415","debug_reporting":true,"destination":"https://zeon-mobility.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11380731690"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"5433047691999926785"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 11 Dec 2023 16:40:44 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15534720936274628415","debug_reporting":true,"destination":"https://zeon-mobility.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11380731690"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"5433047691999926785"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	cookie-frame.html Show response ad4m.at/ Frame 5F13	2 KB 2 KB	54ms 53ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/cookie-frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1083433 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400 cf-cache-status HIT cf-ray 833f2bcd68ac691b-FRA content-encoding br content-language en content-type text/html date Mon, 11 Dec 2023 16:40:44 GMT expires Wed, 29 Nov 2023 04:43:03 GMT last-modified Tue, 28 Nov 2023 11:49:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HW11QfJxlW8rAUFXvdVYWYPbP2AmlWfrWhepbm2fvWzvS9RX%2BPVZAE1ciQ%2FYpmGUkFMCGx4EZnHi3jtlXTP15KX91dMxeTG62LSk2n4c0LEWOcMo92QMw5nyC%2BYPtMNp3dUeMw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 9B11 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CKXYwijt3Za_hOf2D5LcPxIy6oA3dhOzHdIPyn6XYEWQQASCBuYOeAWCVgoCAmAegAYnD-MMpyAEJqQKMXbZ3fAuyPqgDAcgDywSqBPMBT9ByZnxO6aW37OOV9DyKIH0RYgzv-MstUstozWl... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229304586515240800562%22,%22debug_reporting%22:true,%22destination%22:%22https://novocuretrials.com%22,%22event_report_windo...	0 0	77ms 76ms	Fetch text/css	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229304586515240800562%22,%22debug_reporting%22:true,%22destination%22:%22https://novocuretrials.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211148337545%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213463717749953094225%22}&andc=true Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"9304586515240800562","debug_reporting":true,"destination":"https://novocuretrials.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11148337545"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"13463717749953094225"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 11 Dec 2023 16:40:44 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9304586515240800562","debug_reporting":true,"destination":"https://novocuretrials.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11148337545"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"13463717749953094225"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 1766	38 KB 13 KB	42ms 41ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 15012 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 12:30:32 GMT expires Tue, 10 Dec 2024 12:30:32 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response pagead2.googlesyndication.com/bg/ Frame 72F8	51 KB 19 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=280&adk=3088186576&adf=1116380410&pi=t.aa~a.3911085084~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x280&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3342&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:42:25 GMT content-encoding br x-content-type-options nosniff age 237499 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19719 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:42:25 GMT
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame C171	38 KB 13 KB	50ms 40ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 15012 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 12:30:32 GMT expires Tue, 10 Dec 2024 12:30:32 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame CF3B	0 20 B	78ms 78ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgojCAEqH2ltYWdlLXdpdGgtY3RhLW9uLWxhcmdlci1zY3JlZW4KCggCKgZzZXJ2ZXIKDRAyIQAAAAAAAAAAMAQKDRAzIQAAAAAAAAAAMAQKDRA0IQAAAAAAAAAAMAQKDRA1IQAAAAAAAAAAMAQKDRA2IQAAAAAAAAAAMAQKDRA3IQAAAAAAAAAAMAQKDRA4IQAAAAAAAAAAMAQKDRA5IQAAAAAAAAAAMAQKDRA6IQAAAACYmfE_MAQKDRA7IQAAAACYmfE_MAQKDRA8IQAAAACYmfE_MAQKDRA9IQAAAAAwM_M_MAQKDRA-IQAAAADQzPQ_MAQKDRA_IQAAAADQzPQ_MAQKDRBAIQAAAADQzPQ_MAQSGkNMbXl0TUhwaDRNREZUNEUtUUFkaVlJRTFRIippbWFnZS9pbWFnZV92aWduZXR0ZV90cmFuc2x1Y2VudF92Ml9tZXJnZWQoIw== Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	80ms 76ms	Preflight text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215534720936274628415%22,%22debug_reporting%22:true,%22destination%22:%22https://zeon-mobility.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211380731690%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225433047691999926785%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 11 Dec 2023 16:40:44 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request.php Show response hal900010.redintelligence.net/ Frame AA4B Redirect Chain https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	4 KB 2 KB	206ms 125ms	Script application/x-javascript	138.201.63.145 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol HTTP/1.1 Server 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.145.63.201.138.clients.your-server.de Software Apache / Resource Hash 6fc3d69ff4631c43d218817defe10aa15ca44e5e3caa32979bfba81001fe6ba0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 Dec 2023 16:40:44 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 84234200125157804444556012535010 Connection close Content-Length 1354 Expires Mon, 11 Dec 2023 16:40:44 +0100 Redirect headers Pragma no-cache Date Mon, 11 Dec 2023 16:40:44 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Mon, 11 Dec 2023 16:40:44 +0100
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/3690400726754940306/_export/ Frame 893E	80 KB 21 KB	120ms 40ms	Document text/html	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/3690400726754940306/_export/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a094e6a626d0e969d94f57b55e29b0b1654c470b62f8bb67d9f81c270ab323ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 158297 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 20972 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 20:42:27 GMT expires Sun, 08 Dec 2024 20:42:27 GMT last-modified Fri, 01 Dec 2023 09:33:10 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 9D44	0 0	185ms 89ms	Fetch image/gif	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFGF6zz9irsC0Ue5zAdwRjv1qNWmpL1ea8dXRbbPFNPEYmnfyCfEnxSJ3-xSRTpmiNEnqGgPOmHVkWd2vrtyktuYZZ3PFLjJ9EoXf4Qa83O6e73mUlBuD-3IYYwSg11ROH_eYHTvNPKRs52eW5y-BQYVd7h_wgRdkkwEF-tCvvMOXA-eFaoh6d0ci9VVx9rFB5nJXfQHIRNbD_BIAvra3raBtke85JjVLd3oI43dtNHg8jkz5uopmNdi60LQRQoZi8zw73BAG7O6qgSWi7cp-FSzEEdoWAF9vzlIw5q0RWt3IZ5Z_jU7tkvpbCCnNydeLkhWMax20ziRBXlPuDipxpxrA02j2oEPTS3Z1hQX-Xz_dYAJJppPpMGmhZ4QTef3UoCRCD10RHodJqxA_erpTCGudSuTxx4HsFo597BlNlsWwECcySTkWKtyV306-0mwZTmfVKMTQ0EuVQtslfyeRABokEynGXKo9HW3Ol59-L3vwvgUBw7wSUXv-kwFODgQjJxnxVk-lMY_yLswLjz22TTrjbwVXxGrUu61ym7arGl45TAg-N_5WOuMYpKrySwyOgV74ngskY3TyWhas-Sqac2PufCZnn7RXmWfJdprStw9y2187dZ7LZBMeJqBUeUM7bne5rSTZDIG0GAEV2RES8z6QUREDwTHClKConjHKVfxjmdmoynYSrU81eUYs-SH1_w9HOs-yK1RIpoN-fdNIqUVPmhrVNz-JQ28vB6HwwXsBX5Mu6nc94wolwHpPjIkmyloIOB-TlAIjudnMiHGZj6TaE46ce2TmRC4uUnIQsf_mVW4lbxlme_AzEszkdzD2LqSShQZJX3Z4eLGiktAQJ26_BgT74MZ2BfxdB7sTZHxbAMVPs6BTXK4d8etWer_PzMGJicWfF2Zz_jsdS-6o5BItP170uGV8Qsf_LAu-6PtI2BQfJI33HTqFaG6OrgBLDVEJ9w6NMPbJ07Ck6LNav3JQjSx56Fds89EliP1b_bHUzfbcLdYZzxMrteAyClBvuasaKnwhfY6LYWEKqMATK-5gfvD7BWspd-5grcZqiIBc34ixZBPHebnj-mDK2403e7ezP4YZok3MuNhGKs9Uvt41OH7e1rRMYG2cqwN0ABHe1UdFxjrSGuHy-vaAP4Vcvg8QlL53Mdxyb10Cl3JSvTGSzGUIV2Dg7TlgA9oRvxx0QZqJtMOlIdfgmpYIU_g0JKQZJYW_uYF_kFmxMCcOrm4TqWW7t5CS4hkPKEU9VaxWNbLJt_r3jdIjXKalgnHWa9hhcnJ9jol8aQAxqFDxleL27zPhIrNNiETpfgAHr4brY2hxLwQLDdNabId65b8J_HYhvtpKdmwZKgWB7eJIzqy4DFkN-xHHIVh0-sjGbJOOi6iva39wMylbb1VpUJRw&sai=AMfl-YT8HshCwarBLBv0-unsy-N0MB320TtVPz77Xz_AhDwXbmI6HWC9YRRmkIEkDluOmpTBQX1F-RyBLWcNeEMAqD5Pi-UBNgOUPMunWy_XtRxA77_NUFKhG5IVSsh1USoARIW763ZteKkJNxnmZ4AJw4lhmsDeCe_E2CQy6odbq5WwIkMkUXRD2gPtYXLZBkAZOY5O9Q59NHJCkQx-jg2J-94J10pFsgI_baKW7DurkwRO05EmbKr9xCfz79PIOxpFUDlSZGVkc1sz6qSkVohu7IVR4PVvIgQaSWm5td747PWh4zHFiu4RrzfHIwPW49s&sig=Cg0ArKJSzBus9IZX0gPuEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=270&cbvp=1&cstd=266&cisv=r20231206.52108&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	93656 tags.bluekai.com/site/ Frame 9D44	62 B 570 B	297ms 186ms	Image image/gif	23.212.89.8 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D30690425&phint=crid%3D206486922&phint=pid%3D377429980 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.212.89.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-212-89-8.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Mon, 11 Dec 2023 16:40:44 GMT content-length 62 bk-server f4b2 content-type image/gif
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	80ms 79ms	Preflight text/html	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229304586515240800562%22,%22debug_reporting%22:true,%22destination%22:%22https://novocuretrials.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211148337545%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213463717749953094225%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 11 Dec 2023 16:40:44 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame ECD0	0 19 B	86ms 85ms	Image text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CiJXeijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE6wFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlKWC5grvM996GvFRhFwJ8rMHwwh7s-iFIoOkxy1Tjy7DrY2h2WxagAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTE1MzE5MDI4MzEyNjU3ORgA&sigh=20o3mZyPTWs&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN7xUZnOFGvbECqpGbk1ENSnV9LDngk0nZ46IWaMXQ30CLzEaRe5VjeaYCKamRK-97D0VUpqevGAE&cbvp=2&vis=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame ECD0	0 103 B	152ms 52ms	Image image/gif	2600:1901:0:76b9:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://prod-rtb.ad4mat.net/winResponse?a=1kwmtww78et8fyr17ssgypqqnsze3aq90sbsh1wej2eewgtxk86k9qcnp00w012ncv1bjt6kgp3456bgtjtt8jgbxz2zapb401wkfrnhfzfgpkyymqktczh9b3wyr8w41ecxfq1t81rs6apxa298a05fhs3400pvfy3g2rt51vp2ghte6q1130rcm69fxk14z1ny0ntjp7wabr9nnesq4x5t8ww1h7qts5n13d344yns7e1yh69rmmg9rzkqc7efxeae5vew0z2ag73cnww8njxeknaafpz5yys2s59vq020k0z5xnmn0v4z4xgnqpvgzr0vsh71w92w14h49pg5efmsrh7rcbhezy2xpsr66trs99axfbj4dgwsnw6pe3cdy2j0egs16v4v87g&b=ZXc7igANWFQIFWwjAAbjUevLsXtWN653IX5inw&cbvp=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5153190283126579&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702312842&rafmt=1&to=qs&pwprc=9696616601&format=1200x90&url=https%3A%2F%2Fma9ngon.xyz%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702312842807&bpp=1&bdt=3341&idt=1&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3851304261781&frm=20&pv=1&ga_vid=327068440.1702312841&ga_sid=1702312841&ga_hid=2004832928&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C31079928%2C31079980%2C31080064%2C95320884&oid=2&pvsid=538058917746411&tmod=2024335808&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-origin * date Mon, 11 Dec 2023 16:40:44 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H3	200	DcmEnabler_01_250.js Show response s0.2mdn.net/879366/ Frame 893E	32 KB 11 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/3690400726754940306/_export/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3690400726754940306/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sun, 10 Dec 2023 23:49:09 GMT content-encoding gzip x-content-type-options nosniff age 60695 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11558 x-xss-protection 0 last-modified Tue, 14 Mar 2023 21:28:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 11 Dec 2023 23:49:09 GMT
GET H2	200	main.19.8.464.js Show response static.adsafeprotected.com/ Frame 9D44	213 KB 66 KB	150ms 45ms	Script application/javascript	2600:9000:223f:dc00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.19.8.464.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rjss/st/1693932/75440260/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015017342&ias_pubId=pub-5153190283126579&ias_chanId=1&ias_placementId=20811529347&bidurl=https://ma9ngon.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jnzgKjZuaibVQh1kKOfLi2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 20:14:56 GMT x-amz-version-id UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw content-encoding gzip via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 332749 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 07 Dec 2023 18:46:00 GMT server AmazonS3 etag W/"abf69ba4c667ac44b2f9c28f5047f6bd" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id 3rydDTOBbCBbuY9o45TcRn8MShgpMIMpQZI3iENO7fGH7KTjagB2Jg==
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 1766	39 KB 15 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 11:45:46 GMT content-encoding br x-content-type-options nosniff age 17698 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 10 Dec 2024 11:45:46 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame C171	39 KB 15 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 11:45:46 GMT content-encoding br x-content-type-options nosniff age 17698 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 10 Dec 2024 11:45:46 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 9D44	0 0	79ms 78ms	Fetch image/gif	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFGF6zz9irsC0Ue5zAdwRjv1qNWmpL1ea8dXRbbPFNPEYmnfyCfEnxSJ3-xSRTpmiNEnqGgPOmHVkWd2vrtyktuYZZ3PFLjJ9EoXf4Qa83O6e73mUlBuD-3IYYwSg11ROH_eYHTvNPKRs52eW5y-BQYVd7h_wgRdkkwEF-tCvvMOXA-eFaoh6d0ci9VVx9rFB5nJXfQHIRNbD_BIAvra3raBtke85JjVLd3oI43dtNHg8jkz5uopmNdi60LQRQoZi8zw73BAG7O6qgSWi7cp-FSzEEdoWAF9vzlIw5q0RWt3IZ5Z_jU7tkvpbCCnNydeLkhWMax20ziRBXlPuDipxpxrA02j2oEPTS3Z1hQX-Xz_dYAJJppPpMGmhZ4QTef3UoCRCD10RHodJqxA_erpTCGudSuTxx4HsFo597BlNlsWwECcySTkWKtyV306-0mwZTmfVKMTQ0EuVQtslfyeRABokEynGXKo9HW3Ol59-L3vwvgUBw7wSUXv-kwFODgQjJxnxVk-lMY_yLswLjz22TTrjbwVXxGrUu61ym7arGl45TAg-N_5WOuMYpKrySwyOgV74ngskY3TyWhas-Sqac2PufCZnn7RXmWfJdprStw9y2187dZ7LZBMeJqBUeUM7bne5rSTZDIG0GAEV2RES8z6QUREDwTHClKConjHKVfxjmdmoynYSrU81eUYs-SH1_w9HOs-yK1RIpoN-fdNIqUVPmhrVNz-JQ28vB6HwwXsBX5Mu6nc94wolwHpPjIkmyloIOB-TlAIjudnMiHGZj6TaE46ce2TmRC4uUnIQsf_mVW4lbxlme_AzEszkdzD2LqSShQZJX3Z4eLGiktAQJ26_BgT74MZ2BfxdB7sTZHxbAMVPs6BTXK4d8etWer_PzMGJicWfF2Zz_jsdS-6o5BItP170uGV8Qsf_LAu-6PtI2BQfJI33HTqFaG6OrgBLDVEJ9w6NMPbJ07Ck6LNav3JQjSx56Fds89EliP1b_bHUzfbcLdYZzxMrteAyClBvuasaKnwhfY6LYWEKqMATK-5gfvD7BWspd-5grcZqiIBc34ixZBPHebnj-mDK2403e7ezP4YZok3MuNhGKs9Uvt41OH7e1rRMYG2cqwN0ABHe1UdFxjrSGuHy-vaAP4Vcvg8QlL53Mdxyb10Cl3JSvTGSzGUIV2Dg7TlgA9oRvxx0QZqJtMOlIdfgmpYIU_g0JKQZJYW_uYF_kFmxMCcOrm4TqWW7t5CS4hkPKEU9VaxWNbLJt_r3jdIjXKalgnHWa9hhcnJ9jol8aQAxqFDxleL27zPhIrNNiETpfgAHr4brY2hxLwQLDdNabId65b8J_HYhvtpKdmwZKgWB7eJIzqy4DFkN-xHHIVh0-sjGbJOOi6iva39wMylbb1VpUJRw&sai=AMfl-YT8HshCwarBLBv0-unsy-N0MB320TtVPz77Xz_AhDwXbmI6HWC9YRRmkIEkDluOmpTBQX1F-RyBLWcNeEMAqD5Pi-UBNgOUPMunWy_XtRxA77_NUFKhG5IVSsh1USoARIW763ZteKkJNxnmZ4AJw4lhmsDeCe_E2CQy6odbq5WwIkMkUXRD2gPtYXLZBkAZOY5O9Q59NHJCkQx-jg2J-94J10pFsgI_baKW7DurkwRO05EmbKr9xCfz79PIOxpFUDlSZGVkc1sz6qSkVohu7IVR4PVvIgQaSWm5td747PWh4zHFiu4RrzfHIwPW49s&sig=Cg0ArKJSzBus9IZX0gPuEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=735&vt=11&dtpt=465&dett=3&cstd=266&cisv=r20231206.52108&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:44 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	htlp Show response futalis.de/ Frame 6822 Redirect Chain https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=84234200125157804444556012535010&ra_cnt_active=1&ra_cnt=1 https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3378644960	350 B 401 B	191ms 43ms	Document text/html	49.12.22.42 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3378644960 Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS lb-3.futalis.de Software / Resource Hash 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 350 content-type text/html; charset=utf-8 Redirect headers content-length 0 content-type text/html; charset=utf-8 date Mon, 11 Dec 2023 16:40:45 GMT location https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3378644960 p3p policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP" server Apache xphp81 true
GET H2	200	e99aace94e6e58733936cdd965d03e75 Show response pv.medialead.de/trck/epv/ Frame 33BE	0 326 B	15545ms 102ms	Document application/javascript	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=84234200125157804444556012535010&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * access-control-expose-headers X-Request-ID attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} content-length 0 content-type application/javascript; charset=utf-8 date Mon, 11 Dec 2023 16:41:00 GMT host pv.medialead.de proxy-host pv.medialead.de server nginx vary Origin
GET H2	200	/ Show response adv.office-partner.de/ Frame 0BCE	930 B 923 B	175ms 39ms	Document text/html	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-encoding gzip content-length 552 content-type text/html date Mon, 11 Dec 2023 16:40:45 GMT etag "3a2-5c1ab16b3be00-gzip" expires Mon, 18 Dec 2023 16:40:45 GMT last-modified Thu, 06 May 2021 15:37:28 GMT link <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical" server keycdn vary Accept-Encoding x-accel-version 0.01 x-cache HIT x-edge-location defr
GET H2	200	e99aace94e6e58733936cdd965d03e75 Show response pv.medialead.de/trck/epv/ Frame AA4B	0 326 B	15528ms 101ms	Script application/javascript	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=84234200125157804444556012535010&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:41:00 GMT attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx host pv.medialead.de vary Origin content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Request-ID access-control-allow-credentials true content-length 0 proxy-host pv.medialead.de
GET H2	200	e99aace94e6e58733936cdd965d03e75 pv.medialead.de/trck/eview/ Frame AA4B	43 B 361 B	15527ms 100ms	Image image/gif	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=84234200125157804444556012535010&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=157b52b10c&subid=&uid=77eb30c65e842eea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNT7oiDt3ZbrONL6I5LcPiYWSqA2m5b2gaZ2cnKfJD_AuEAEggbmDngFglYKAgJgHyAEJqQLSk1znshOyPqgDAcgDmwSqBJACT9C1Q1REczbyHuWPoTw4G-_ifPMzA_BCNiqqwoEhFqyzNzQUvLJC5P80bYUA63NVuNYdCAQMKP6wwsraZFAxfjIKlqTwkPXt_IckHhOxjXmTx8ccMQqRDO5IRgtWCAL7EGU5qvCYVTjYvjkoI6t251NKQtBjLNfnlI5zNAL613RJbGdVzZPa2VQ6u1SbADNHw-urUskQcA2ff2jICwenJrmoJYgFcf5kFwN0fDWH15mvwwgXE7TJN9qyaaelnNSt1K8HJMqgwWiG8DvgVECqQva3IeDfvO_zDwJ5XgMvuCHsRbY2Terx8FZmwFdEO012M0l5_uiLlyiAzqGVtA_ViUFwcJxDziDPLTz6svtJ7_nABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoJKvwemHgwOACgGYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB%26sig%3DAOD64_3UQ3GnPxrUtlF9rZqsCzCNo3o9PA%26client%3Dca-pub-5153190283126579%26dbm_c%3DAKAmf-AJseoMesf9H4lpoxDFMwvfjTZRiz7eXCjRibcNDF4oeO92EL4dA67SF1m_LakmgiYR8UYujMZyeHGRUjABQV1Dt7sTY_8RovJ7rctWBb_f98A6k9Q_Nv0-JOi1IGMY-TUFKdczaUS1xQPmhmgVM2lCJQ6-aG-J4np4chvmMyOGx8Q4LnA%26cry%3D1%26dbm_d%3DAKAmf-B3xtjZebHSoO9Uw8-tOvfQYlMT3n5uYcbXmOyM76UEg-c7uK-p3TknG1k4R1VwTLFiFM9xCw-yg9FlrgEgc_6AicYVhzP8_O_Vqpr7xjvuZOULluXBjEBTFJkcdA6wkiBmPJAr--nq5hSRGlJstKzE3hkeZMBOoyAaP3Jesf1SA5Q7CycPJjwFFUnqvrLwXqxExp7Nbom96owJWjzCItFXqsUALkHkCF-mp_LixRWS0jSe-bLxeN_h6iqtMbnMKuebL_E0lZOGaGlhqEUJIHpxZKsCcR0tWE6A1dZ9liZEmBK7Qjh2QN89thAp3hLIRgRJ323aLuY-fBkQXeVA8HsnaYSWwskF05sH10JjNEaBtvn1W7H-vrTQ0qWcL05UTBh-f1X2skvTMfRw-TpYMS7ZzBwyJ_DBuaycBwRX3nDO84Y4OvOKYzJbxrAtHJsLf94lonSK3rng2-2ElGeQStfefhMcZFYNaV8OxWRLwllxDGmoHR2GYYd_wivSS3sAGuA2O1WhfRLv4jQrtB0noErZQNNPifYLV_dzUckYZGRFlzs6ZJk%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5153190283126579%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fma9ngon.xyz&random=6744366790133&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:41:00 GMT attribution-reporting-register-source {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx host pv.medialead.de vary Origin content-type image/gif access-control-allow-origin * access-control-expose-headers X-Request-ID access-control-allow-credentials true content-length 43 proxy-host pv.medialead.de
POST H3	200	rs Show response ad4m.at/ Frame 1B18	2 KB 2 KB	85ms 81ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 541dc86e6de2b248e744cf47011529e8eeccfe2ba30881d7781b9d5a7c420335 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type application/json Response headers date Mon, 11 Dec 2023 16:40:45 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chkhFMUJcaekWzogYN8v5V7WC9kd9qW3jAAXDFHrwFofEu0R0mAHnQGtVSiMYMrfSwVAXiDoOHNB24S5u%2FeZ8AyJ%2BrAZpG7K%2F4ZfoS8kyF2KOA%2F9vu5k35W6nGL286fZLsnxsvo%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 833f2bd2b88d2c20-FRA x-backend-server aa-reachservice-group-europe-west1-zjg9 alt-svc h3=":443"; ma=86400
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	138ms 84ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 833f2bd21f582c20-FRA content-length 24 content-type text/plain date Mon, 11 Dec 2023 16:40:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0O0qcZw1AKXfzHIVF5iGdLsopOlI2%2FMKS4A3qe5BVkb%2FdBFgeJRxEaFpwn4KFqLRJlr1pW0lUpHQv0Fg6G%2Bk6wZHy%2FkWyKouEhGvnt3ipVBkuTykEQJYj3WfBivj3dxKkytHJ3s%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-zjg9
GET H3	200	BNR_HL.png s0.2mdn.net/sadbundle/3690400726754940306/_export/ Frame 893E	2 KB 2 KB	59ms 57ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3690400726754940306/_export/BNR_HL.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab833f5f5f0916b7d5b713c96d3d87bbc8c08a9eae40612db38e9bc13782656f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3690400726754940306/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 01:20:31 GMT x-content-type-options nosniff age 55214 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1662 x-xss-protection 0 last-modified Fri, 01 Dec 2023 09:33:10 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 10 Dec 2024 01:20:31 GMT
GET H3	200	BNR_Visual.png s0.2mdn.net/sadbundle/3690400726754940306/_export/ Frame 893E	11 KB 12 KB	61ms 58ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3690400726754940306/_export/BNR_Visual.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fbfb9112b06be0908506aaf9b402630ad9979824fcc9fbf78308252bdbfefcbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3690400726754940306/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 01:20:31 GMT x-content-type-options nosniff age 55214 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11762 x-xss-protection 0 last-modified Fri, 01 Dec 2023 09:33:10 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 10 Dec 2024 01:20:31 GMT
GET H3	200	MM.png s0.2mdn.net/sadbundle/3690400726754940306/_export/ Frame 893E	3 KB 3 KB	65ms 62ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3690400726754940306/_export/MM.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c328a13be97cece2cde11c6e95bbdda716567edff238cc007f9072bbf0adc7ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3690400726754940306/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 20:48:27 GMT x-content-type-options nosniff age 157938 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2588 x-xss-protection 0 last-modified Fri, 01 Dec 2023 09:33:10 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 08 Dec 2024 20:48:27 GMT
GET H3	200	SA.png s0.2mdn.net/sadbundle/3690400726754940306/_export/ Frame 893E	2 KB 2 KB	67ms 63ms	Image image/png	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/3690400726754940306/_export/SA.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81fcde52ff2aa50b348edb3a44fa2ab6b80d18e15707c7427f007d1a79794f50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/3690400726754940306/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 01:20:31 GMT x-content-type-options nosniff age 55214 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1894 x-xss-protection 0 last-modified Fri, 01 Dec 2023 09:33:10 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 10 Dec 2024 01:20:31 GMT
GET H2	200	skeleton.js Show response static.adsafeprotected.com/ Frame 9D44 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1693932/75440260/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015017342&ias_pubId=pub-5153190283126579&ias_chanId=1&ias_placementId=20811529347&bi... https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=	17 B 464 B	68ms 52ms	Script application/javascript	2600:9000:223f:dc00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb= Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Server 2600:9000:223f:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 27 Sep 2023 03:21:19 GMT x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 6527967 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id u6CQpsnuaA19_eJQQFBXJAJDxv7LCt9Plejh2ikjbKTvSmc_6lrf_A== Redirect headers pragma no-cache date Mon, 11 Dec 2023 16:40:45 GMT server nginx x-server-name app14.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 79F9	91 KB 23 KB	226ms 55ms	Script application/javascript	2600:9000:223f:dc00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 21 Sep 2023 00:09:11 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 7057895 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id It0tZVTVjNAETpH3R2UT3b9orUz_fwuhu5T2SGBnLh2TvUTE6CMhqg==
GET H3	200	rar Show response as.ad4m.at/ad/ Frame 2D5D	11 KB 4 KB	143ms 86ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 366def51806d14eb8d251331df9385157e30741733bb7b84b547e10a6c214b6a Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1gmvre5tk608qy4dnf12dndcehhgpw5dtnxqapm4zrg0501tfmtxyfvz8meehc1ewzsab1xwwb55e8rw5ajgfn7s2xp3b03akmpp8ccav82fzhd8fzhyw4cvey99vpjjht42edb6e16ndzeqx2f085ggswzazrbe1q3x5cfxbgye8746sryp92jbddhgcgn9cnrt0cqjzgstcz5q9trm0ea297jfp5ergxd5kpfwmxmqts31qsnh94x8zwyzcwzxvmmp775jgjark7vy5y8gtjt5dt62dj8xc4jbn5r27qmpk8hvn32xckfmnmmee3x7gs4628wsy44dr6ktdfj5e7ce5ffh4q44bmd4pv4dfd0v051k79jv4wd6m4r33swd7zad13xawqhvydt30ky83ptep265bj648h94crad9weew5wy066751sf144deasykja38516&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%26client%3Dca-pub-5153190283126579%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 833f2bd479aa691b-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:40:45 GMT expires 0 nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} permissions-policy accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=() pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H2	200	ts.js Show response cdn.retailads.net/ Frame 6822	5 KB 5 KB	138ms 49ms	Script application/javascript	2a01:4f8:d0a:2321::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.retailads.net/ts.js Requested by Host: futalis.de URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3378644960 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148 Request headers accept-language de-DE,de;q=0.9 Referer https://futalis.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:45 GMT last-modified Wed, 05 Apr 2023 20:14:46 GMT server Apache etag "1416-5f89c717cdc2f" content-type application/javascript xphp81 true accept-ranges bytes content-length 5142
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 9D44	42 B 174 B	142ms 72ms	Fetch image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssP5rBLCTgy6PQgj3uQXdKDPJlvpMWJr0XZ3VWPFDE3ZIiwQw1O5tH0dMTIUe0-3aBZBe28CFw6D2uj2e3PFrYM26gXikHzg6Vm2bzYpib0oFfbzxrdsLt1wRFCosWP9hoIutAL_cvDfr9e&sai=AMfl-YQT9j1mtnJKHcrYWDpx-0IGKVmpHOwIFSEqbafA-rmLFNbeXm0sM0BlYPrPaN4I-jTb3LvIi0KB8L87KxbxEJ_4UeZKK2qBEyrT0gyVQQgfQFcflbBwdvhhP8waqw82uqA-g78spzYXe_nTOUpZj4R2DcFPVvl-cmY&sig=Cg0ArKJSzGAnMx0Hy3HlEAE&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&id=lidar2&mcvt=1138&p=0,0,90,728&mtos=1138,1138,1138,1138,1138&tos=1138,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702312843481&rpt=785&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:45 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 216 B	771ms 117ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJQZd,pingTime:-3,time:781,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:622%7D,%7Bpiv:0,vs:o,r:l,t:779%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:781,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625%7D&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:46 GMT server nginx x-server-name dt15.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	760ms 121ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJQZs,pingTime:-6,time:796,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:796,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625%7D&tpiLookup=ao:ma9ngon.xyz*%2Cgoogleads.g.doubleclick.net*&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:46 GMT server nginx x-server-name dt13.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0337	42 B 108 B	98ms 76ms	Fetch image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWT8iq5ZXCSy2xwZeBBQAzct5fRhgGTPz6KAXY7RmQBvazLVYdw9KMsNt6LtCqmlMrm6TdmpmLeLrPTxkEqZh2kbGwnm-S2JPAvZF7GwMHWa8zMaIqgdozwjPb6tasaIn8eVJsVxXAgUUA&sai=AMfl-YTe9qvFYRyPE2w7ShZJSFs4zxAvKz-AcE6x_gxmIDV3LTGZmmRqTSPmFm1u3e9sQYuRutOnzVQcRcBvOzJnRYkid5iitF60Lxs-G58TxQmWNDIhadLKelVU8FJLFmvt-mUKPNwnl-A7bSAXbXrZSCqCWcr0cLeKZxY&sig=Cg0ArKJSzOq1azDw1Q85EAE&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&id=lidar2&mcvt=1145&p=0,0,600,160&mtos=1145,1145,1145,1145,1145&tos=1145,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702312843194&rpt=729&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:45 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 0BCE	175 KB 63 KB	669ms 50ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d57c50ca0af2d861e44dcceb7aaa1927b2b97601780b6489e0a3d0d1d56fd0e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64127 x-xss-protection 0 last-modified Mon, 11 Dec 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 11 Dec 2023 16:40:46 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	678ms 129ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJR13,pingTime:-2,time:895,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1222,beZ:1223,mfA:1763,cmA:1765,inA:1765,inZ:1771,prA:1771,prZ:1836,si:1845,poA:1847,poZ:1870,cmZ:1870,mfZ:1870,loA:2017,loZ:2025,ltA:2116,ltZ:2117,mdA:1223,mdZ:1460%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:622%7D,%7Bpiv:0,vs:o,r:l,t:779%7D,%7Bpiv:100,vs:i,r:,t:894%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:2,o:894,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~728.90%5D%7D%7D,%7Bsl:i,t:894,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625,sinceFw:269,readyFired:true%7D&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:46 GMT server nginx x-server-name dt24.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	default.css as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2D5D	115 KB 14 KB	63ms 59ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2559066 cf-polished origSize=118430 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 02 Nov 2023 10:26:17 GMT server cloudflare etag W/"486507ccce9ac587d11c0ef3f32a109a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRDWap8R4z4BdI03ehBcYxetTia5GHSHFgtkk1iQ7%2FLbitu%2BoYGuwZhyGG9So%2BX0y9Ktk%2F%2BA9ed7geLDN3yIEmb2H3%2F2SZt%2F4HGPO2dzk87NwhhuhPnemjG3VqCiKeXhhnpEfBow2s0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=86400 cf-ray 833f2bd89ed6691b-FRA expires Tue, 12 Dec 2023 16:40:46 GMT
GET H2	200	AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111 assets.ad4m.at/logo/ Frame 2D5D	8 KB 8 KB	78ms 54ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 254230 cf-polished qual=85, origFmt=jpeg, origSize=10446 alt-svc h3=":443"; ma=86400 content-length 7728 cf-bgj imgq:85,h2pri last-modified Sat, 04 Nov 2023 16:41:23 GMT server cloudflare etag "bddcb815cd8abad672404f9cdec6f97c" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E7cvk9sNYxdmbF5gjN%2BYphuHbJvehx1J%2BhJXAnAkCjA%2B6pbRRbymRLb7sn336RsNONdjBr2fFsL9if6dWi1UWZrgaod%2FxpVc4DqPihRSF4CfwdiVVXVBY7FWfJnK8CSnwaCgWrUyyXxJ8Ps"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 833f2bd8bc94bb83-FRA
GET H2	200	A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 assets.ad4m.at/product_image/ Frame 2D5D	11 KB 11 KB	75ms 51ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 341250 cf-polished qual=85, origFmt=jpeg, origSize=13532 alt-svc h3=":443"; ma=86400 content-length 11268 cf-bgj imgq:85,h2pri last-modified Fri, 03 Nov 2023 22:13:51 GMT server cloudflare etag "d9fd29c7a268fd485230a60f0d2e0192" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiDouyrDuTFe29KDiGqTgcs7L%2By%2FIShlgL%2FY%2FgArviem1gebheChRejfEZ7RiEAAAr3%2FuxiYV%2B2l%2FNaG9JLww808eDNj0HZ4augRveJB3GscH5tQyHTbUelxoXGSZFFk7v9wUpJ1t92AXrmB"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 833f2bd8bc92bb83-FRA
GET H3	200	762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84 assets.ad4m.at/logo/ Frame 2D5D	7 KB 7 KB	61ms 56ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 246866 cf-polished qual=85, origFmt=jpeg, origSize=8714 alt-svc h3=":443"; ma=86400 content-length 6672 cf-bgj imgq:85,h2pri last-modified Wed, 01 Nov 2023 08:50:26 GMT server cloudflare etag "52953af169f970e1ac17ba40d8c26548" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9UVp5jtyNZJpMUmRC%2FHRlX4nOqvmwjTRVTbuv5uovKSS496AwPF4HQzL%2BEYFmFxwhfVgg2%2FUD5rMmSHB5NAOL5djVqjSupsCDoiSmboyiSFpoZhXNE2Mfv64IZrL2P523VEdhNKQh2wvb83"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 833f2bd96fcb691b-FRA
GET H3	200	E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE assets.ad4m.at/ Frame 2D5D	25 KB 25 KB	64ms 60ms	Image image/jpeg	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 461789 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 25413 cf-bgj imgq:85,h2pri last-modified Wed, 06 Dec 2023 08:24:17 GMT server cloudflare etag "7e811696e8763f5dce86bbb648013620" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXN1OoS7YAvZu9OyG%2BZP%2BMGyTpRZoW2ZL56COaWmi8qoUf3snKQSz1z1Z31DyLtDfh3jF2sgPysgA1zpscarWVzoxrKrzHv3%2FCzJSbnZ3hLN8dmJsq6MGI2mpxXZtqe2bd8FPlVXarlErnHU"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 833f2bd96fcc691b-FRA
GET H2	200	ztpv.php www.conrad.de/ Frame 2D5D Redirect Chain https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 https://www.conrad.de/ztpv.php?awc=11354_412871_1702312846_08a9d510-9844-11ee-9488-2234841a3abe&insert=AW&&gdpr=0&gdpr_consent=	0 491 B	195ms 61ms	Image text/html	2606:4700::6810:c0cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.conrad.de/ztpv.php?awc=11354_412871_1702312846_08a9d510-9844-11ee-9488-2234841a3abe&insert=AW&&gdpr=0&gdpr_consent= Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H2 Server 2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT strict-transport-security max-age=15552000 cf-ccp-worker HTLPHandler-v1 server cloudflare vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 833f2bdc6df01c2c-FRA content-length 0 expires -1 Redirect headers Date Mon, 11 Dec 2023 16:40:46 GMT Strict-Transport-Security max-age=86400 Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://www.conrad.de/ztpv.php?awc=11354_412871_1702312846_08a9d510-9844-11ee-9488-2234841a3abe&insert=AW&&gdpr=0&gdpr_consent= Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 0
GET H3	200	90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 assets.ad4m.at/logo/ Frame 2D5D	4 KB 5 KB	73ms 72ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 251935 cf-polished qual=85, origFmt=jpeg, origSize=7258 alt-svc h3=":443"; ma=86400 content-length 4294 cf-bgj imgq:85,h2pri last-modified Wed, 01 Nov 2023 09:56:16 GMT server cloudflare etag "679602b08629bcaaabfcfad4e68fe53a" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muidnnMEFbYRUHecLWXZyGLIgOVfS3XEOJZC92DnzoqO%2B%2FGH1sh24Bpy3cA6l7mKqJ%2Fz7obxxAgNCL6pdSmO9QDZ7nA%2BeBopFEEJQawvplo7zXP3hIsyYj42DdlKVrpbsfaL%2F9svYKg5QKSP"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 833f2bd9b855691b-FRA
GET H3	200	287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 assets.ad4m.at/ Frame 2D5D	15 KB 16 KB	72ms 72ms	Image image/jpeg	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1003448 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 15521 cf-bgj imgq:85,h2pri last-modified Thu, 09 Nov 2023 08:09:52 GMT server cloudflare etag "269bd58060bc660c3aec98b388bae571" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4Pu4kenoj6XQtZ1zZ5yx7vZ%2BX61quX8pmKjzyTFXwcLVGSpXcFbZKWbjCtdYPTcTIcj4UAtNzuiABemL%2BJNVRyr9Z6rcg9o60qDT4DpLji7zZ%2BnApyBFDJX0PrwLkoZuYiHQW%2Fy1%2FGn1MbN"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 833f2bd9b856691b-FRA
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 2D5D	43 B 705 B	285ms 154ms	Image image/gif	92.123.148.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6Aoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-148-9.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 Dec 2023 16:40:46 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9D44	0 20 B	105ms 104ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=823641694760&version=m202309260101&ct=76&x=1&cor=12273155403987284000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	link.html Show response track.webgains.com/ Frame 2D5D	2 KB 2 KB	237ms 103ms	Script text/html	18.132.158.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jbqm50cpqe2hfvx923sbzzzpwpy8ykc6ma72pqshdbk6cxvaz95nx4gzvc86n3g6nbtb1xmp3hejy0w55eyem5thxgd2jravrst2416fk81jje5wx19ek1c3apghz2yngwgnq4qygptrv3cm8c5rp9cebk3xme8rbpps5sx7c5pehbjj9ats0kawqd2wr4w618ck1ek3sqan1hv68vydjmtyn5dtf4wp4vxqfg4ryg53hbewptm8m7xzf8h8wvh6ft0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%252526client%25253Dca-pub-5153190283126579%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.158.37 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-158-37.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash ebeddc98b34100f1d53c0bcd5afe3447dbaec6f9ff5f0955aabaa6461f5c71b5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT last-modified Mon, 11 Dec 2023 16:40:46 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Mon, 11 Dec 2023 16:41:46 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	127ms 122ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJRhM,pingTime:1,time:1932,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:622%7D,%7Bpiv:0,vs:o,r:l,t:779%7D,%7Bpiv:100,vs:i,r:,t:894%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1038,o:894,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~728.90%5D%7D%7D,%7Bsl:i,t:894,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:811,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625,sis:1103%7D&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:46 GMT server nginx x-server-name dt01.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	126ms 121ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJRhN,pingTime:1,time:1933,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:622%7D,%7Bpiv:0,vs:o,r:l,t:779%7D,%7Bpiv:100,vs:i,r:,t:894%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1039,o:894,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~728.90%5D%7D%7D,%7Bsl:i,t:894,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1040~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:811,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625,sis:1103%7D&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:46 GMT server nginx x-server-name dt09.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	122ms 118ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJRjF,pingTime:-10,time:2049,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702312846750%7C%7C1f4b5bf878c79615951ee22647739543%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C3816bea52055198ab0b8549cceb8af30%7C%7Cd2c2a888166eec51142e6bdb96c67f08%7C%7Ca5e574d13c450b5499eb1a79f6a870db%7C%7C14c49ca6239ef2dca8e438adce05f492%7C%7C18410ca1ce0aa1efe7d341251664cda0%7C%7C1663701684%7D Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:46 GMT server nginx x-server-name dt31.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 0BCE	274 KB 91 KB	52ms 51ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 48df6e8bbb80574186e23c2b51d762a60dd72fee10d91e248506de6dd77a958e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:40:46 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93102 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 11 Dec 2023 16:40:46 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1766	0 20 B	78ms 76ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Br3iIizt3ZeO0N7yl9u8PxfyrsAUAAAAAOAHgBAI&bg=!hYalhsnNAAY3kmNgF5I7ADQBe5WfOILUX0O19hG51Ax-nPjVKIqJmNkn8vpPiXsvoKwL279c91X6UE7XjxSup5BJgeqFAgAABeJSAAAACmgBB5kDNarO8ijr8RnrcOI0eoxtg-_Ovs5BEwBoDcoo-ZxFWOVQQM6uiSTxuAW_RaxUvPdIE1JvhUeqPdXz3o1V4lp0RLw4K3kg_2gClYgXlrLqs7BY80o0VT_4uWgnyZhlMcgch0y10AdiPY35rFVBsQvoOWJO0nRKpNkaZ8jjlACs64opn5XC1ooiOP1kzUql3mCh0SQCl7uYTN6EtaTA4cS1ansdo4KCQXSZtLxY5XVLJ-2-rLh5ifXxu_i3uUF8wqeBqNsZP0Sg3xX0I-om3QbOvO8hLdBYd5QrcyAw5M5t2e3GCpBreGLH6OFH-DXNNTI1ixNe-Ls6doon4aT39Yl8spiXeaPozqwwSorSC_nhCVKw8aEVrYBfILiRRdlxS-B3Lrb1CLLwn7_9xYaEAat5vteD8WYSWyPq34cf6TVqF6ij0zCFufjmL3DPZyjcX4tbeBkqxeO3yt73c75x4qsCtNuGefX9XkP1d-xqSJ8hVNn_PgJ-j25x97wgdNQ1CECfpOX7XixUcUr27vVKoyF_TkI63_Ef_SNOsgrEn3F9qL6pxBFn8gweOq_Mbft6DQlDQMApLYWYzBwqbrTXEDkLoP0QkkBQEK5zCqSViT63K5YZO96jOS3SbKXzzERhwBevRwMKXSevsE2TierSkICLIJMlU0RDhs68YX67tsbu32Ui8DdiT5yFNCbC7jYQ8ztNChfhN_WcNuibNT_Kos66bZUNIB-rSNOllTdp__qVDPpcnseRTqsAuP9CapbilVWuFT34fQgZ4vKBl6lJDxO3bDdof8_1ckoSDLfrXiHCJAi0nUM7wwDs8HjX_ti_vXl-qwCJHe6o4L77zS_Q54izaHtjQajhZO0l3Hnt-6kdKkBT8Vl0tGwbKROfC9VTdPrSX4YCxSRL5ROyXof_eUlvUDztDdHRDPpHydR3IcYI1ayZAApWAJIqOKVhQnzno-CWHpP0jMQtTSsd25fL4qkm7N3OfOn6ALWmBZyionw-R0aJnfblGpcVODdJ1Bb4LhupdRXd0UjQogOd62ddxCzGgequafHk8exxp2ncvS23bqmRTa8LgglNqc7Spn2qo3n6_LZCBwjS Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame 2D5D	53 KB 19 KB	193ms 52ms	Script application/javascript	18.66.27.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jbqm50cpqe2hfvx923sbzzzpwpy8ykc6ma72pqshdbk6cxvaz95nx4gzvc86n3g6nbtb1xmp3hejy0w55eyem5thxgd2jravrst2416fk81jje5wx19ek1c3apghz2yngwgnq4qygptrv3cm8c5rp9cebk3xme8rbpps5sx7c5pehbjj9ats0kawqd2wr4w618ck1ek3sqan1hv68vydjmtyn5dtf4wp4vxqfg4ryg53hbewptm8m7xzf8h8wvh6ft0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%252526client%25253Dca-pub-5153190283126579%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.27.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-27-74.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 01:58:57 GMT content-encoding gzip via 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront) last-modified Thu, 23 Nov 2023 16:26:10 GMT server AmazonS3 x-amz-cf-pop VIE50-P1 age 52919 x-amz-server-side-encryption AES256 etag W/"1180a1bfee0aad979766ecd6180b923e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id ClvpsdeJVmf7bsMYzn9JylJGZ6FrLJy4LJrXW7EibEfz4tsR4g_0Vg==
GET H2	200	1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png cdn.track.production.webgains.team/286305/ Frame 2D5D	15 KB 15 KB	180ms 47ms	Image image/png	99.86.4.36 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1702313146&Signature=gSg3mmq7x9C6RjzsiCfFCtTzdbfJlY23OEtqo-TDQRCwC7PzKeYs6iqGXRZepTwcQ8eQK68QxIcs3FA7lMTBKnBm-pB1aaIul8iC71BogeHSjGhBEQ9GoJYFTvvbUwdNcXGRYhv46B5XKhL~-dYVbvjVkx5k0SqPojZZfyF8G2hbV8KrcG3IokrPQuR2AOwfIRlSYsELfUJtZPnq-dN9sYzb3ogC5k5xxjaGsNQfJXhSaXL1FD6wHeKUPEzHyY3fKeSNlwGc9yqdPgBl6sHvCA7219GS554-h6cYDIP-ZBCQU5wQFQ76S~B-CmCJsUUVd~CbIYSOvFHCDls47GdvdQ__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=728&d=90&e=&g=2c11f490c7dcc827787d7191fb0651e3%2F8509387953222121590&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1702312845139&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k8ve4671rjvxwvazkkrhx22t4nteq0qkytp602d6dwfsr5wahr8bcsbvnkwt5z88fjtwx0gy9z1qszr8s47d4t6fcx84gw73w7ahh6def93254wjtp76zwpztnjz8bsrk1hq41pt3928n4sq49xhy9zhga4gy1vb1xtd6cypq1nvk5epp6zvq9xe3v9ahv8w5s6122mkex3ghhs9raytn82q01mw0qaydcx18axyj5jctfbtqf51rpkfdz4emb3nhmzny7mzxd6p4ggbfkt7b8e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdEhsijt3ZdSwNaPY1fAP0cabkAGQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01MTUzMTkwMjgzMTI2NTc5yAEJqQLSk1znshOyPqgDAcgDAqoE7gFP0FCzHFFGGn-KpvnZ9OvofHaaPkDf1Mf5BhjFjySnidnaRGx_O45i1_nCWT0EEn59cTtFLvQPZEhvT_0iGXiJAuX0OEeZARyKIREcwEClnGHldlGM5amK32jeEz8Iq_VKbGe5K7itHBR9Ab0il7Tszcy-SQJ0kRrIlXppWLl-aMphnLe-jDXmPPA34H0ecQSL84mcFZ_xdQfzPrCPRR3r2G0Et93i9VtWjk9-CnsNOodiz5jUS4ABkel3Ngxow8t67MwjlOeAx5g4ylg60nYZEoZAYEE-1wLWucad_wNmjr-rGzDvtVh9RiySylwdgAbHkbihmL7G32ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYr4CvwumHgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_09OEOfNXbTNl-Dh-G5A2ovrMxLiA%2526client%253Dca-pub-5153190283126579%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-36.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id null date Mon, 11 Dec 2023 11:37:05 GMT via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 10:41:35 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 31955 etag "d4e8f970f24f6d19b53aa92b1907c1ef" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 15054 x-amz-cf-id gF2px-v6sLYTv7x3QgagMt1Da6nfStRJrBsmx0y4FH1iItYtjgm9sA==
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C171	0 20 B	80ms 79ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8ZjMizt3ZfPSNoW9x_AP_Y2OgAoAAAAAOAHgBAI&bg=!AAOlA0zNAAY3kmNgF5I7ADQBe5WfOJxKtlUpUCg7Z_9JOfBa-x05iKeVtoWyABvUvoPdvw44Ch6P1sFUNFSdU8EK4ZoiAgAACD1SAAAABWgBB5kDSKLTIHWoee-TT3cYL-oPSQ_gS_ltPqU2UOdCJBAemF9rkR8ZaryqrNDS5nN0bjhE1nZbXsdN7k2SJDD7IvD5KnjVFYkAthDYPUdvUeoO5JqWW7j0_51UUBTdTkmCigfRQwbgmlyBDVVLRlUHplmXfOwR4Hg3K_l9oMJiWEp3Pa67P8khJF1Ksrwk32GWKLK7caWjq6_-UEuRn7cSomPi_lmJxSSFLSOwkfmpfxKIsGrHXuJ8V_3Dzpp7MsXjQXvCou6r3sYFt-3_KG-Fw7j60E9GFJxW11M_ksToVlIk8xigNk62Rr_eDMBvOyedkFeltEaY5ihbhr6dAkKWqfabkZNb_nbUvqoUKCcDRdLOn4B5PgzH_wWSxGMR3ZmwxKDmkB3zIxjON_HwF1aNskEcjEK7i0qyFpG33L0k6wvBKSmOudPRFJnYCw0g1R3QIIVvZ2gI_uU5VdtRUYh7pbfM5_l4bgF3mu--vITBQ6FH0ONY2xpc1jEdl5tNA9alXNYUbRq1YfOZmIh_JPspyaxewTP9Yw29-1ELnzbIwKoq8CGjQClJaWhEnenwNbm4R7nMaJccO6KZfNzfTlLD3psKoEkq8eNlCP-_2EDc7vOpa-5XMzwBAPOTKKauOstWQvapi_wlFzocqxVFAKgwNYaCeFmT5Jc1h13b2vUeW5MA_jxDe7Zfi1trSS_4hJwWDeQJa0uRB0u44JF2oIRH-SJ5V_9F4k2Qyv39eS1fwC3IrmVsfDEZqY-gB6KutU5pgxcjvLZi0POcmYmfQTHnnjgjPkKymA8G-Y6I9V-IA-djxPjrutQ24c2RxDEsz3E4ygq2o9H6q2aN6k1F015F0sBBKDQBKftuxSCIP83uiOZ8_UP-94zheOt5wHcC9XrU_pvMqBAHAFLbpCl-yexMusfQ8u1TzXeDZdfuk9yR_2tnU1FVMypQazQp9U-c8aSmCRHl6OJmF_BvuqnXr4OEaJageSITrQbMf1ZEksGJCUVc_OXz4fL29S2I2fU5MmUfBgT4JLIhlU3j0zplNBEBU0UqvGtD-E8Od66s1R-f5F6ZLxtSE03IFh-wJDRCIiHlLG6yvpC4luo_BrvB6RzJNZAruvOkX5Z4KKvSUQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:47 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	tracking-event Show response api.webgains.io/ Frame 2D5D	16 B 209 B	91ms 91ms	Fetch application/json	35.176.121.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-176-121-206.eu-west-2.compute.amazonaws.com Software nginx / PHP/8.1.14 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type application/json Response headers date Mon, 11 Dec 2023 16:40:48 GMT x-content-type-options nosniff server nginx x-powered-by PHP/8.1.14 content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	186ms 48ms	Preflight	35.176.121.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-176-121-206.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Mon, 11 Dec 2023 16:40:48 GMT server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	120ms 119ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJSkC,pingTime:5,time:5952,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:622%7D,%7Bpiv:0,vs:o,r:l,t:779%7D,%7Bpiv:100,vs:i,r:,t:894%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5058,o:894,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~728.90%5D%7D%7D,%7Bsl:i,t:894,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5058~100%5D,as:%5B5058~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:334,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625,sis:1103%7D&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:50 GMT server nginx x-server-name dt14.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	118ms 118ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJSkD,pingTime:5,time:5953,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:622%7D,%7Bpiv:0,vs:o,r:l,t:779%7D,%7Bpiv:100,vs:i,r:,t:894%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5059,o:894,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~728.90%5D%7D%7D,%7Bsl:i,t:894,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5059~100%5D,as:%5B5059~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:334,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625,sis:1103%7D&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:50 GMT server nginx x-server-name dt15.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dc_oe=ChMIo6buwumHgwMVvJL9Bx1F_gpWEAAYACCK-7piQhMIvLK0wemHgwMVPgT5AB2JggTV;dc_eps=AHas8cDf2zIN99l6gSGOUylqV4gZLpoX5OYCJK_CYH96TpEZNPZQeyTO3o_J4BAHympVihm6pl7y3Z8;met=1;&timestamp=1702312855165;eid1... ade.googlesyndication.com/ddm/activity/ Frame 9D44	42 B 401 B	222ms 77ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo6buwumHgwMVvJL9Bx1F_gpWEAAYACCK-7piQhMIvLK0wemHgwMVPgT5AB2JggTV;dc_eps=AHas8cDf2zIN99l6gSGOUylqV4gZLpoX5OYCJK_CYH96TpEZNPZQeyTO3o_J4BAHympVihm6pl7y3Z8;met=1;&timestamp=1702312855165;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:40:55 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	link.html Show response track.webgains.com/ Frame AA4B	2 KB 2 KB	92ms 92ms	Script text/html	18.132.158.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=84234200125157804444556012535010&nw=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.158.37 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-158-37.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash 800a0c490322d11c4f5e51fa84cf89a1f0109265224919ba74a731aa9187b404 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:41:00 GMT last-modified Mon, 11 Dec 2023 16:41:00 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Mon, 11 Dec 2023 16:42:00 GMT
GET H2	200	activityi;dc_pre=CP2_98rph4MDFYvnmgoda0IEsw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946 Show response 8019191.fls.doubleclick.net/ Frame 9D06 Redirect Chain https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946? https://8019191.fls.doubleclick.net/activityi;dc_pre=CP2_98rph4MDFYvnmgoda0IEsw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946?	392 B 329 B	87ms 86ms	Document text/html	142.250.181.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8019191.fls.doubleclick.net/activityi;dc_pre=CP2_98rph4MDFYvnmgoda0IEsw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946? Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f6.1e100.net Software cafe / Resource Hash 90debf9e6926e3e24f91648a0db0a4bf9e22ca7a709ede814d1a64c4cda4e3c2 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 220 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:41:00 GMT expires Mon, 11 Dec 2023 16:41:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:41:00 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://8019191.fls.doubleclick.net/activityi;dc_pre=CP2_98rph4MDFYvnmgoda0IEsw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request_content.php Show response hal900010.redintelligence.net/ Frame C396	7 KB 2 KB	130ms 48ms	Document text/html	138.201.63.145 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.145.63.201.138.clients.your-server.de Software Apache / Resource Hash b747525cdd1a05a568de0951ae686dc0d22a76f772eadb54fc5248ccbe88b0ab Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2050 Content-Type text/html; charset=utf-8 Date Mon, 11 Dec 2023 16:41:00 GMT Expires Mon, 11 Dec 2023 16:41:00 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	119ms 118ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJUX5,pingTime:15,time:16025,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:622%7D,%7Bpiv:0,vs:o,r:l,t:779%7D,%7Bpiv:100,vs:i,r:,t:894%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:15131,o:894,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~728.90%5D%7D%7D,%7Bsl:i,t:894,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15131~100%5D,as:%5B15131~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:267,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625,sis:1103%7D&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:41:00 GMT server nginx x-server-name dt21.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 9D44	43 B 215 B	120ms 120ms	Image image/gif	2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1693932&asId=4cde07ea-b938-be71-d0fd-eb4eed54fa36&tv=%7Bc:wvJUX7,pingTime:15,time:16027,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:622%7D,%7Bpiv:0,vs:o,r:l,t:779%7D,%7Bpiv:100,vs:i,r:,t:894%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:15133,o:894,n:779,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:622,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B234~1,0~0%5D,as:%5B234~728.90%5D%7D%7D,%7Bsl:o,t:779,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~728.90%5D%7D%7D,%7Bsl:i,t:894,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15133~100%5D,as:%5B15133~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:267,fm:tY9ldfw+11%7C12%7C131%7C141%7C142%7C15111%7C1512%7C1611%7C1711%7C17121%7C1713%7C1714%7C1715%7C181%7C182%7C191*.1693932-75440260%7C1911%7C19121%7C1913,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:625,sis:1103%7D&br=c Requested by Host: ma9ngon.xyz URL: https://ma9ngon.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4280:c86e:c9cc:1329:67c3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:41:00 GMT server nginx x-server-name dt18.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	css fonts.googleapis.com/ Frame C396	5 KB 682 B	54ms 50ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900010.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Dec 2023 16:41:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Dec 2023 15:42:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Dec 2023 16:41:00 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame C396	20 KB 20 KB	129ms 43ms	Image image/png	138.201.63.145 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.145.63.201.138.clients.your-server.de Software Apache / Resource Hash ca1c3b2f55ad7faadf8be24b8720cccb012ed7929a786809cb73dcc7b3c75a65 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900010.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Mon, 11 Dec 2023 16:41:00 GMT Content-Encoding gzip Server Apache Connection close Content-Length 20627 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame C396	27 KB 27 KB	131ms 45ms	Image image/png	138.201.63.145 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.145.63.201.138.clients.your-server.de Software Apache / Resource Hash 8ac6c33c24b44cf768f640d39f59bb94d0d5abcc56ec9a596c13ab9523ea628f Request headers accept-language de-DE,de;q=0.9 Referer https://hal900010.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Mon, 11 Dec 2023 16:41:00 GMT Content-Encoding gzip Server Apache Connection close Content-Length 27706 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame C396	25 KB 25 KB	157ms 40ms	Image image/png	138.201.63.145 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.145.63.201.138.clients.your-server.de Software Apache / Resource Hash 174c4b05c7b3fe0be5a84bf1d18742c2805e9d0b1185e34aff676936b06638b4 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900010.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Mon, 11 Dec 2023 16:41:01 GMT Content-Encoding gzip Server Apache Connection close Content-Length 25829 Vary Accept-Encoding Content-Type image/png
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame AA4B	53 KB 19 KB	54ms 53ms	Script application/javascript	18.66.27.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=84234200125157804444556012535010&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.27.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-27-74.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 01:58:57 GMT content-encoding gzip via 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront) last-modified Thu, 23 Nov 2023 16:26:10 GMT server AmazonS3 x-amz-cf-pop VIE50-P1 age 52932 x-amz-server-side-encryption AES256 etag W/"1180a1bfee0aad979766ecd6180b923e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id 2_y4V4FRUdAQOK_DKGjOw4a317kvUxHbwEg-oQrorua_S_yI6PLWfA==
GET H2	200	1x1.png cdn.track.production.webgains.team/7121/ Frame AA4B	3 KB 3 KB	46ms 46ms	Image image/png	99.86.4.36 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1702313160&Signature=BK~i7817Mxv9CX4MSfYdmytmYEF0HpJ~oA-Y14xvWNp41x-0QR3EqGmkMLEsA5ocNMwyZHbLU3xJulefQCO3SyEbnwUQd-g36RrZcaJWkCPOf-3KfXMP5-ChLUDFa6oJk9Lt1IjsN5viP7brqT5Y7CFU0Nd~vvOLiQSUZi-ZlXF3oi8eUBxnF2sXDrtimUOJ6nk759D0xHeYec-42b3JnhyHhOzrBX-SJQZR9qW7JxYhlhFq1gDvq-4wJCiF0NZ9SzyA1crXHVYfeTS3Wfylst8cZNu6akZzSrhI~ZjtzeDdWEshPDiwbaPIOeXJnburhw43~CPRWf8i360WxGd4vQ__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-36.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers x-amz-version-id null date Mon, 11 Dec 2023 10:07:35 GMT via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 11:40:06 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 23606 etag "4e57de0506fbdb487ffcd53b450caee1" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2808 x-amz-cf-id jZvBtQgYVDnZ688i1wNqaXgx0GOI9D4aGMTEb095LdKxvPsGLvlerw==
GET H/1.1	200 OK	viewability Show response hal900010.redintelligence.net/ Frame C396	0 150 B	133ms 42ms	Script text/html	138.201.63.145 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900010.redintelligence.net/viewability?s=84234200125157804444556012535010&a=43628536&vb=m Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.145.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Mon, 11 Dec 2023 16:41:01 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	dc_pre=CP2_98rph4MDFYvnmgoda0IEsw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946 adservice.google.com/ddm/fls/z/ Frame 9D06	42 B 401 B	689ms 78ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CP2_98rph4MDFYvnmgoda0IEsw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946 Requested by Host: 8019191.fls.doubleclick.net URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CP2_98rph4MDFYvnmgoda0IEsw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3364261040259.9946? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8019191.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:41:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.facebook.com/plugins/customer_chat/SDK/	0 0
GET H2	200	/ Show response www.facebook.com/plugins/customer_chat/facade/	719 B 3 KB	238ms 170ms	XHR application/json	2a03:2880:f176:84:face:b00c:0:25de
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37ca8fa0aba6%26domain%3Dma9ngon.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fma9ngon.xyz%252Ff3b9774e66dccac%26relation%3Dparent.parent&current_url=https%3A%2F%2Fma9ngon.xyz%2F&is_loaded_by_facade=true&locale=vi_VN&log_id=ae7a4087-be64-4677-bfaf-fe4648c91c75&page_id=107526898555822&request_time=1702312861968&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de -, , ASN (), Reverse DNS Software / Resource Hash 1da889d4222ba645e2f79cf50293b23491bb6cc0a3785accbd6b9002474744ee Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding br x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Mon, 11 Dec 2023 16:41:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" pragma no-cache x-fb-debug LRKmDdfiZHyPXe/RiYfSo2Atpm+bWxmXkdXJVkaJxxrxv3RdM7FYos8rKj5VlWttB26NcqFkbyAeckbC8cxzvg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type application/json; charset=utf-8 x-frame-options DENY access-control-allow-origin https://ma9ngon.xyz origin-agent-cluster ?0 cache-control private, no-cache, no-store, must-revalidate permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	102ms 102ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b0a31b7c470643d26e99f1ba9f669ea62dd4f8c2c7556a96d3fd154a5c77533c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:41:02 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12086 x-xss-protection 0
GET DATA	200 OK	truncated / Frame AA4B	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 533521498e65b4d3fbc068889af637611ff329b86acbadf9c99c0534ee7339ea Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
POST H2	200	tracking-event Show response api.webgains.io/ Frame AA4B	16 B 209 B	97ms 96ms	Fetch application/json	35.176.121.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-176-121-206.eu-west-2.compute.amazonaws.com Software nginx / PHP/8.1.14 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type application/json Response headers date Mon, 11 Dec 2023 16:41:02 GMT x-content-type-options nosniff server nginx x-powered-by PHP/8.1.14 content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	47ms 47ms	Preflight	35.176.121.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.176.121.206 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-176-121-206.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Mon, 11 Dec 2023 16:41:02 GMT server nginx
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	48ms 48ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5153190283126579&plah=ma9ngon.xyz&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:41:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 11 Dec 2023 16:41:02 GMT
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/ Frame C396	14 KB 15 KB	50ms 50ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal900010.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:36:48 GMT x-content-type-options nosniff age 245054 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14824 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 20:36:48 GMT
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/ Frame C396	15 KB 15 KB	43ms 43ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal900010.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 11:13:55 GMT x-content-type-options nosniff age 278827 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 11:13:55 GMT
GET		/ www.facebook.com/plugins/customer_chat/SDK/	0 0
GET H3	200	KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	49ms 49ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ma9ngon.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:55:13 GMT x-content-type-options nosniff age 247549 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15752 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 19:55:13 GMT
GET H3	200	KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 5 KB	48ms 48ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfCxc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&family=Roboto:wght@900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3a38c967413f7bce36d3baefc321aade81edf369e6a99dc32d911550148f636f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ma9ngon.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:36:55 GMT x-content-type-options nosniff age 245047 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5468 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 20:36:55 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1585	13 KB 5 KB	41ms 39ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 264 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:36:38 GMT expires Tue, 10 Dec 2024 16:36:38 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame E09B	829 B 560 B	52ms 50ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7aa4bb46301af4ba6b0f9d6e0198fc4e8a85451f2ae11f273a3d71520daaee0d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-DMAjG0TyW2TjTdCmbrMZ7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ma9ngon.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-DMAjG0TyW2TjTdCmbrMZ7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 11 Dec 2023 16:41:02 GMT expires Mon, 11 Dec 2023 16:41:02 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame E09B	0 0	92ms 92ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=538058917746411&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 1585	39 KB 15 KB	42ms 42ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 11:45:46 GMT content-encoding br x-content-type-options nosniff age 17716 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 10 Dec 2024 11:45:46 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AA4B	0 22 B	75ms 74ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8975071771504&version=m202309260101&ct=77&x=1&cor=2907944179522641400 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:41:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame AA4B	42 B 64 B	93ms 92ms	Fetch image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDmR-dZ7czR15vVMGwybpEmHxFhujUseCTCsXmZ6EnKdSgz3FkPtrNp4lu_cCVZ6cGO1kaN6qP_R2TcxrkGldpF--hWQjqWjtCZGeo7FxG4utB52dWJdDBzfkLeWNEh18&sai=AMfl-YQy2qlDCAxEJBxVAB0rj87j8R94T5yZaAGGh7zaOQjpYsFKfsjj0Fm6GQxaQrr0Kc8hTwFcQhPtqYkfnWrMmiLC7mxKbZdJyNsN-tzno0azfxCGy8EyM6JB7al_SNQ3qbCUUir5Zk69YurCCdEpXZvBNNlrjQm4MsM&sig=Cg0ArKJSzKPYzKi2O_YYEAE&cid=CAQSTgDICaaNDmqRTJiK2wNtfMnEsjf4IulrnaPPqS8meq2DscTiMIzYCkR89GWXfsvdVxunhwkSZEiKtHOFTNjV_m3tRtSuBK9Lg2rNgzQ0NhgB&id=lidar2&mcvt=1142&p=0,0,600,160&mtos=1142,1142,1142,1142,1142&tos=1142,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702312843431&rpt=17287&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:41:03 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900010.redintelligence.net/ Frame C396	0 150 B	124ms 41ms	Script text/html	138.201.63.145 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900010.redintelligence.net/viewability?s=84234200125157804444556012535010&a=43628536&vb=v Requested by Host: hal900010.redintelligence.net URL: https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.145.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900010.redintelligence.net/request_content.php?s=84234200125157804444556012535010&a=90bf13fe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Mon, 11 Dec 2023 16:41:03 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 1585	0 12 B	41ms 41ms	Image text/plain	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?0LEyyQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 11 Dec 2023 16:41:03 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	89ms 89ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=538058917746411&bg=!Tk2lTQLNAAY3kmNgF5I7ADQBe5WfODczXya7-HmRRNOENBQZdeEJvBLFgSGhlSlrLgy9ha30ynGvum0t7uW-L_zkSIvNAgAAAz1SAAAABWgBB5kDBUVcNZhC1BIe_MUOAUE2YHLdgpUJaxVnrKA7pGgFxdtjNiwKtRu7a7Gu1C34xNCxYaaCzVLVUNovb5WKKS74Ap4rekdSbT_oKgmPYlScjSwsZDAtSiuqQIfgtI62TJbMmL3RhP8DkWV_TMMw93Ze6bIsDznX71S8G_2TWAoecfdjfiGYRJU-7058rFtDQvh2NZdk7N5WBFoGSpVB5nYx1ayRnyTUUwxyAzB-0JJg94J4VHV77oV_bSFcQXcAUJYxfxkmPLCutodlveDOnT2YNJiwwGaBIHk69zgYNnvMN8eeOqa0sglm0N01Xh0vhSR0HYvphT8AXQ8rsHCksq5S6d0TcfPgAl_DT--o8qGXskQKb6aRHK4UoIq-SDtKsBbvMSyizi13OxqfuvK2siRYXXl2WvP_7HVI_Q4uAmmtwmw9eBGI1sooFkodS41nCM8RoZmTlUDJMrXHUKbxxlEw9YGO19h39rZF3acNBgOB24l5c0lnZQpofyCMrqfHVj3665E1MQvKF3IgWn-7t5ToZRb63MCe2MgLkq7oN1CYXxli9VRZ0T2z1OI38qggffgp3eOzZL2xyltCDV-1a1kfDsGCx_-J2MPjUZjnMVSsjy8QAWKBkDpizkz78_CvOswWWcnLV-8SNXGDj8pYYz1T7-FdF7ZhE64BURoD6eKFzlO1Q7G3nAQUzFjWBgTYwoL8fwEOgQf84pkKIdGFl0f9h1LzqjbtDLaJW9oNMn0wTAB39Pxo7y-CyCozDiIIzsYENKuCBrloUzsIjgtO3iCuxHNAgpO--DneMFGZMSbyz8QV2MyNj9nKRivR6H3znbaOQqD4_8apmWcCybF-9Gv5EC4Wm1m-YubBzesnnS7m26QDceYTUW9_2eJor3tuzlxGBKHrKKoIN-jbeqmwT7UAGF3sCt4lMfiOXgQHzUtsw58i7mxQpZ1r93s9WvsZpyuOBQnhVG2dE_8Dwpop0qzMfVv3rvXJ6ryIpCGCsy9O1XFw7-Hl9TMFFKy6N8bSFPRYiaLjpwmi Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ma9ngon.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H2	200	dc_oe=ChMIo6buwumHgwMVvJL9Bx1F_gpWEAAYACCK-7piQhMIvLK0wemHgwMVPgT5AB2JggTV;dc_eps=AHas8cDf2zIN99l6gSGOUylqV4gZLpoX5OYCJK_CYH96TpEZNPZQeyTO3o_J4BAHympVihm6pl7y3Z8;met=1;&timestamp=1702312865147;eid1... ade.googlesyndication.com/ddm/activity/ Frame 9D44	42 B 107 B	92ms 91ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo6buwumHgwMVvJL9Bx1F_gpWEAAYACCK-7piQhMIvLK0wemHgwMVPgT5AB2JggTV;dc_eps=AHas8cDf2zIN99l6gSGOUylqV4gZLpoX5OYCJK_CYH96TpEZNPZQeyTO3o_J4BAHympVihm6pl7y3Z8;met=1;&timestamp=1702312865147;eid1=2;ecn1=0;etm1=10; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Mon, 11 Dec 2023 16:41:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googlecm.hit.gemius.pl

URL

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEN6i9nSjlA7WFY806WtrYxA&google_cver=1&google_push=AXcoOmQU_VdFmSDtmjHMowOpQIw4_0K8GfzI2Vqkgj4OEjBlIkVdQr7UsH8kA4VC8Kv0nlysPwNOT3oEHULM5ZnxAzx_RT0jvdeP7Yw-4wu1dpPMBjIRQwSsyKVlxYNoAuskKD_QQBQDIvrx3YR-qt9U_hlFGYA

Domain

www.facebook.com

URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37ca8fa0aba6%26domain%3Dma9ngon.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fma9ngon.xyz%252Ff3b9774e66dccac%26relation%3Dparent.parent&current_url=https%3A%2F%2Fma9ngon.xyz%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=ae7a4087-be64-4677-bfaf-fe4648c91c75&page_id=107526898555822&request_time=1702312861968&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Domain

www.facebook.com

URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37ca8fa0aba6%26domain%3Dma9ngon.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fma9ngon.xyz%252Ff3b9774e66dccac%26relation%3Dparent.parent&current_url=https%3A%2F%2Fma9ngon.xyz%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=358&locale=vi_VN&log_id=ae7a4087-be64-4677-bfaf-fe4648c91c75&page_id=107526898555822&request_time=1702312862326&sdk=joey&should_use_new_domain=false&suppress_http_code=1