newyearonline.com Open in urlscan Pro
144.91.91.188 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newyearonline.com/
Submission Tags: phishingrod
Submission: On January 14 via api (January 14th 2023, 2:46:41 am UTC) from DE — Scanned from DE

Summary HTTP 139 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 24 domains to perform 139 HTTP transactions. The main IP is 144.91.91.188, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is newyearonline.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 23rd 2022. Valid for: 3 months.

This is the only time newyearonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	144.91.91.188 144.91.91.188	51167 (CONTABO) (CONTABO)
5	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	18.197.12.31 18.197.12.31	16509 (AMAZON-02) (AMAZON-02)
1 7	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	52.58.161.171 52.58.161.171	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:9af0:2701:a426:d747	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.87.133.65 104.87.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.41.252.217 13.41.252.217	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.11 65.9.66.11	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	() ()
4	35.179.46.115 35.179.46.115	16509 (AMAZON-02) (AMAZON-02)
139	25

29 144.91.91.188 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi181227.contaboserver.net

newyearonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.12.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-12-31.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.208.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.161.171 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-161-171.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9af0:2701:a426:d747 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.125.36 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.87.133.65 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-65.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.41.252.217 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-11.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN- ()
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.179.46.115 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	380 KB
29	newyearonline.com newyearonline.com	996 KB
21	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	115 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28836 ad4m.at — Cisco Umbrella Rank: 9591 assets.ad4m.at — Cisco Umbrella Rank: 37206	1 MB
11	gstatic.com fonts.gstatic.com www.gstatic.com	114 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18712 api.webgains.io — Cisco Umbrella Rank: 49878	31 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	193 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 40045	52 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417 ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8470	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1223	460 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 82915 static-de.ad4mat.net — Cisco Umbrella Rank: 115742	4 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056	19 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 59631	639 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15193	695 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11998	554 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 663	761 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 611	191 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	702 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2439	348 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	76 KB
139	24

	Domain	Requested by
29	newyearonline.com	newyearonline.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net newyearonline.com
12	pagead2.googlesyndication.com	newyearonline.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
5	fonts.googleapis.com	newyearonline.com googleads.g.doubleclick.net
4	api.webgains.io	analytics.webgains.io
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	track.webgains.com	as.ad4m.at
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	sync.teads.tv	1 redirects
2	ups.analytics.yahoo.com	2 redirects
2	x.bidswitch.net	2 redirects
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	d.agkn.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	newyearonline.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	newyearonline.com
139	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
newyearonline.com cPanel, Inc. Certification Authority	`2022-10-23` - `2023-01-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://newyearonline.com/
Frame ID: 56470275E3275DBB93B1A915C2B5C27D
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Frame ID: 6D08C08DB42004300B1F82921DD19069
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&adk=1812271804&adf=3025194257&lmt=1673664395&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fnewyearonline.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664394769&bpp=5&bdt=631&idt=260&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4632357276354&frm=20&pv=2&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=286
Frame ID: B413D41AA479F78E73D3065E56EFDC83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=280&slotname=5715826538&adk=1005859416&adf=1839787983&pi=t.ma~as.5715826538&w=1200&fwrn=4&fwrnh=100&lmt=1673664395&rafmt=1&format=1200x280&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664394774&bpp=2&bdt=636&idt=287&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0aqED3oMWc&p=https%3A//newyearonline.com&dtd=292
Frame ID: F52C867C5E1FE8C2C333932E659689B1
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: ABE2C7A6178F4B97C70063F61650BF33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=280&adk=1959859350&adf=2334688461&pi=t.aa~a.4204391091~i.5~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673664396&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4932413235&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&pra=3&rh=200&rw=1550&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664396041&bpp=1&bdt=1904&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2186a265083f2f5d-22619e1c45db00b2%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ&gpic=UID%3D00000ba22c4b0f03%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw&prev_fmts=0x0%2C1200x280&nras=2&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&psts=ACgb8tunOVANbWH8yjeIda0hByg8-c9lqAVEBBl6-LY9_gesi7rg4oZdcDAUwyfQ38_MMRQiBsvDLMF9RNYE5bro_w&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d8nXFd0Qww&p=https%3A//newyearonline.com&dtd=5
Frame ID: A366C81A3479FC2E6790317CF2E1EDC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=250&adk=1089913611&adf=3416974341&pi=t.aa~a.2241233134~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1673664396&rafmt=1&to=qs&pwprc=4932413235&format=317x250&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664396051&bpp=1&bdt=1913&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2186a265083f2f5d-22619e1c45db00b2%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ&gpic=UID%3D00000ba22c4b0f03%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1276&ady=1429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&psts=ACgb8tunOVANbWH8yjeIda0hByg8-c9lqAVEBBl6-LY9_gesi7rg4oZdcDAUwyfQ38_MMRQiBsvDLMF9RNYE5bro_w&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EzaIn5KbOB&p=https%3A//newyearonline.com&dtd=4
Frame ID: 1059F2563565679FC72D9CFEF045B3B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 023CE957C6BE347063BD8B73513B068A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Frame ID: B4D4398ADD5D2423361F76434A66CB65
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBA8DFDCEDA0541FB85D6CB611E32884
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 642D294CCE2F13BA4D035A6A673B2550
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 839DB98A41C390C8B747F51F6352A22E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CdOLVjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTFAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqXoGGteqJYM5rKPfFiXddWp4HnHstkVv-jvBjfCJjF0YFcVEV5ZYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MTI0Mjk2MzY5MjU0ODQ4GAA&sigh=upddPksYb5A&uach_m=[UACH]&cid=CAQSOwDq26N9tGSHT-k9IYywfqPCj3MmOxrkJ6rMjePyqbOkzztsqUk1I1brp_LGGOyPkEI2TSt0Skwc3WHQGAEgEw
Frame ID: D2992F23CD2BEC5F19D5CC6689F6B6FF
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jey3y1h49j6ys4221rr6rvr80jff4fchg70dp55wnsqfy28hhxsacmjtgv5jd25fdp3qdddrqqnq80nfwcrqqfr9xsga52f6kq55vdy69k346g347aahtrn0q0w9xkfcqcykxtbg5rmgz6tz86w8gga43hcx2recpje0emdh20s5s4edfpeszf6qcxk273x0a2sr2f88qkfyf7zc9xycswv0qgajw9az77tn02t16p4xhr9kw788g2b0esybmrx0b8kzd0qv66tssxxw6wfdvz545pgcprhxr2wbxb5m17g3y1z4naxvs9xc7jgvvd2pxwnx9j53wp5yqedr3xa2s7mp9afznnnybq7e6mwkrj3fsbynq5mwrqtmajmchwpfnr0zzwses66ymfzr5tnd8smqzmfyh4e4c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%26client%3Dca-pub-5124296369254848%26adurl%3D
Frame ID: CE08D94275FD105BA9071873034125B1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 392CA32BEFDA25487E5B763E8ABF72AA
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 5AE621CBD7139FBDF032C22238AA4E4A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9A165D7980941E0ADED64517C5614275
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 76E9933584789F15DDAD937297FD44E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 0EF1F4EFD1FE47C082C43F6E96333F1E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Frame ID: C7086BC584F77A8EA36801D47715ED7C
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Happy New Year 2023 With Name

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

95 %
HTTPS

57 %
IPv6

24
Domains

33
Subdomains

25
IPs

5
Countries

3163 kB
Transfer

5054 kB
Size

22
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/namecakes/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NBirthdayCakes
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/birthdaycakesAm/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7O_UNApNh7JKahFu7kFaFQ
Title: Youtube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://d.agkn.com/pixel/2175/?google_gid=CAESEIp5lkplwOjx4mAVu37833E&google_cver=1&google_push=AavPq0PKxYE-k3iFxf8tvPdFYWziBAbBtak-i4vSeEQuW1_0tcbpLVRnp0LfUz5GoUg-VmlY39JMhJHhOsEX28-I9ilXyN9H8L1ZEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0PKxYE-k3iFxf8tvPdFYWziBAbBtak-i4vSeEQuW1_0tcbpLVRnp0LfUz5GoUg-VmlY39JMhJHhOsEX28-I9ilXyN9H8L1ZEg&google_hm=Q0FFU0VJcDVsa3Bsd09qeDRtQVZ1Mzc4MzNF

Request Chain 108

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHqvzOxJBuh0S2GNJrUgmko&google_cver=1&google_push=AavPq0PdUa7Acc5TugK4HN5Kmca9eFVNAigrO05Ii-HQo0OeQUh3bVUFZSNPehx7swe_vDjNJoSkTKjYcP3lcvszHZRCeQHjVFmeKzg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7Lj_AsSrS8GVAI2wqTh8tw2&google_push=AavPq0PdUa7Acc5TugK4HN5Kmca9eFVNAigrO05Ii-HQo0OeQUh3bVUFZSNPehx7swe_vDjNJoSkTKjYcP3lcvszHZRCeQHjVFmeKzg

Request Chain 109

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECPqFV6J2Gx8hVh3HabF4mo&google_cver=1&google_push=AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdilqp-ouDAT3fmPLFQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECPqFV6J2Gx8hVh3HabF4mo&google_cver=1&google_push=AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdilqp-ouDAT3fmPLFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdilqp-ouDAT3fmPLFQ&google_hm=hNRi_rmYTgeXlvey0UCLsA==

Request Chain 110

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDM58_mm7DfKCI6SDDfUYUA&google_cver=1&google_push=AavPq0N__KL6IbjgeyScQexE8QmjS4zUs9qKtLuJg91IGE4CmEt1aZrb-Sfu6Bw2jLdM_DoS3prC1iTdKm9sgHdPDFiB-KYV9uB8QGs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N__KL6IbjgeyScQexE8QmjS4zUs9qKtLuJg91IGE4CmEt1aZrb-Sfu6Bw2jLdM_DoS3prC1iTdKm9sgHdPDFiB-KYV9uB8QGs&google_hm=eS1JUGoub09SRTJwRi5EekFvWFFPOFJ2SHFnakZ5bWpJTX5B

Request Chain 111

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKT6YPAtSeNhEoz6LbCcWdk&google_cver=1&google_push=AavPq0PZr5XPTzfuKjOro0dBQUhquhFaD-5swSYrv9qgGFqxteHyhSaXX43NEDetSPXFlCW0Z0H45Smkh4GdbggisXOFc1cy06O12kBo HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKT6YPAtSeNhEoz6LbCcWdk&google_cver=1&google_push=AavPq0PZr5XPTzfuKjOro0dBQUhquhFaD-5swSYrv9qgGFqxteHyhSaXX43NEDetSPXFlCW0Z0H45Smkh4GdbggisXOFc1cy06O12kBo&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uMmVZbUw5RTJ1RkswTlhDc2k1Ymg2ZktJc0lnYzZTMH5B&google_push=AavPq0PZr5XPTzfuKjOro0dBQUhquhFaD-5swSYrv9qgGFqxteHyhSaXX43NEDetSPXFlCW0Z0H45Smkh4GdbggisXOFc1cy06O12kBo

Request Chain 112

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGhe2i0LrL8axFJY7i9J-xU&google_cver=1&google_push=AavPq0PiBlKHV3Vm8Rma1CMkab3t3NCnKbg4pI4Hp11HG-wpQ68pUv733JBg28E4161HW9Kg2_-cy1QQZOSOWtNTLvZgkZg5VMBUIowo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PiBlKHV3Vm8Rma1CMkab3t3NCnKbg4pI4Hp11HG-wpQ68pUv733JBg28E4161HW9Kg2_-cy1QQZOSOWtNTLvZgkZg5VMBUIowo HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1673664397_aa38db90-93b5-11ed-a520-22653408fd8a&insert=AW&&gdpr=0&gdpr_consent=

139 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
newyearonline.com/ 28 KB
5 KB 36ms
11ms Document
text/html 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: f263ab67855814c593f1397b3e77e0d8aff0fef10bfab3dcfdc8bcaec585d33e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4760
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Jan 2023 02:46:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
newyearonline.com/js/vendor/ 86 KB
30 KB 15ms
15ms Script
application/javascript 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://newyearonline.com/js/vendor/jquery-3.4.1.min.js
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2020 10:27:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30682
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK site.css
newyearonline.com/css/ 27 KB
5 KB 30ms
11ms Stylesheet
text/css 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://newyearonline.com/css/site.css
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 4dfa86f94ee4e501095a852210d457e392cc722abd3c20294ba1eac2885bcda2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2020 10:24:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4626
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 151ms
44ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: newyearonline.com
URL: https://newyearonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 02:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 02:10:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 02:46:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 188ms
95ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EH6HBTCHGL

Requested by

Host: newyearonline.com
URL: https://newyearonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

769a05f3c6d112a5b43fae43f0cf3a2b53902632add881d3c068891e159f99e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 02:46:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 379ms
67ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newyearonline.com
URL: https://newyearonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5ec4de2d6a9cecad8e1a02db252f259fb6e564dc18f6f6221a163b90e86c2f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49465
x-xss-protection: 0
server: cafe
etag: 6496643504292242939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 Jan 2023 02:46:34 GMT

GET
H/1.1 200
OK logo.png
newyearonline.com/images/ 4 KB
5 KB 10ms
10ms Image
image/png 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/logo.png
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 0f5801eb87c63838c03afb8d6b6d66c4f17d6393aa69af9443333f5a30e4c916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Wed, 01 Jul 2020 08:43:13 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4583
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK lazy_42.jpg
newyearonline.com/images/ 176 B
491 B 10ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/lazy_42.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: d9ea1b70fe84348e44dc056216440f70e2aebbb08441d691ef732a8717f4af5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Tue, 30 Jun 2020 10:23:32 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 176
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK utilities.js Show response
newyearonline.com/js/app/min/ 311 B
555 B 10ms
10ms Script
application/javascript 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://newyearonline.com/js/app/min/utilities.js
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 6f4320d8a38958b52b1b2a9889dba5b20b37846aa226eeed678bc4d8579a8717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2020 11:07:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 181
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK index.js Show response
newyearonline.com/js/app/min/ 10 KB
4 KB 10ms
10ms Script
application/javascript 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://newyearonline.com/js/app/min/index.js
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 0392472de79757a981cee4c4e7e9308c6b84684d5e12c17632efae40ce8c0397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2020 11:07:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3364
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK qicons.ttf
newyearonline.com/css/fonts2/ 5 KB
3 KB 11ms
11ms Font
application/x-font-ttf 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://newyearonline.com/css/fonts2/qicons.ttf?gant0n
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/css/site.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: e27a96534acb5a5e6c433277c8e372d3639ce3d2341f416f9e9386e7cf9244dd

Request headers

Referer: https://newyearonline.com/css/site.css
Origin: https://newyearonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jun 2020 10:55:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-font-ttf
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3028
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 128ms
39ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newyearonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:33:00 GMT
x-content-type-options: nosniff
age: 198814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:33:00 GMT

POST
H/1.1 200
OK getgreetingsitems.php Show response
newyearonline.com/classes/ 203 B
538 B 18ms
18ms XHR
application/json 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://newyearonline.com/classes/getgreetingsitems.php
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/js/vendor/jquery-3.4.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: f93e3de20ce792ec126cba2c1a9e7b17c8a5021f25cd384cb1459e8dcb12b7c8

Request headers

Accept: */*
Referer: https://newyearonline.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 02:46:34 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: application/json
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK happy-new-year-wishes-with-my-name_3ea2.jpg
newyearonline.com/images/styles/ 88 KB
88 KB 17ms
13ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/happy-new-year-wishes-with-my-name_3ea2.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 52392d39bfd9db0d609138ef34f8c7ffbe2b0e1ea60e1f9e04e5f9659b645e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Sun, 24 Jul 2022 09:22:07 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 89878
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK download-happy-new-year-cake-images-with-name_d056.jpg
newyearonline.com/images/styles/230/ 12 KB
12 KB 29ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/download-happy-new-year-cake-images-with-name_d056.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: a3e81c83783f9c8feab339eb3e5e564a0d2783c9df0d80e78f0ce4860d97423e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Wed, 20 Jul 2022 13:36:08 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 11862
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK write-name-on-new-year-cake-images_6de4.jpg
newyearonline.com/images/styles/230/ 11 KB
12 KB 33ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/write-name-on-new-year-cake-images_6de4.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 92a2c146fa7f304dde7d4bd151a8cb92e62ba9504b22cdd80371116b509457f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Wed, 20 Jul 2022 13:36:56 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11645
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-2023-photo-with-name_4d56.jpg
newyearonline.com/images/styles/230/ 22 KB
22 KB 34ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/happy-new-year-2023-photo-with-name_4d56.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: e0fc1d6d76c4dc07d9b328ab29b2edd6c01fefc75c6fdcd16862f33af90eb651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Thu, 03 Nov 2022 05:43:18 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22291
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK 2021-new-year-card-with-photo_610b.jpg
newyearonline.com/images/styles/230/ 8 KB
9 KB 35ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/2021-new-year-card-with-photo_610b.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 3c1180ae8f0e8638da1470327c6bb6caf08950d974e1c34b901658777eeb7f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Sun, 04 Dec 2022 13:24:31 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8626
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK new-year-greeting-card-with-name_fe06.jpg
newyearonline.com/images/styles/230/ 12 KB
12 KB 18ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/new-year-greeting-card-with-name_fe06.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 50c70c4f847870679537a5bece9980d36c1680f95c2c0bbb99c4e1c2ce6edab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Sat, 23 Jul 2022 11:22:01 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12106
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-cake-design-images_3a71.jpg
newyearonline.com/images/styles/230/ 13 KB
14 KB 14ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/happy-new-year-cake-design-images_3a71.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: d792cd9fe9defeef80af2f84af745f52a8526a27cad7b2dee625da6a101e498f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Tue, 19 Jul 2022 06:26:23 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13822
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-cake-images_ff50.jpg
newyearonline.com/images/styles/230/ 11 KB
11 KB 10ms
9ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/happy-new-year-cake-images_ff50.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: eccf6cfccaecab007c60e2f204c52ea9731b408a114cc4b4d2c32f5f42ce2823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Wed, 20 Jul 2022 13:40:49 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 11116
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-love-wishes-with-name_5fab.jpg
newyearonline.com/images/styles/230/ 11 KB
12 KB 10ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/happy-new-year-love-wishes-with-name_5fab.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 2aa741aea1b399d4545d09a3a7b04219c625f2a47f18cac49c602b80d26ed3f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Tue, 20 Dec 2022 09:07:26 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 11746
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK name-photo-on-new-year-cake-message_7d25.jpg
newyearonline.com/images/styles/230/ 12 KB
13 KB 10ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/name-photo-on-new-year-cake-message_7d25.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: c3e17a17900c8e61edb9589779a27e58af16fc876633811d3a78a9319578d155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Sat, 17 Dec 2022 13:23:35 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12497
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK wishes-happy-new-year-cake-with-name-editing_901c.jpg
newyearonline.com/images/styles/230/ 9 KB
9 KB 10ms
9ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/wishes-happy-new-year-cake-with-name-editing_901c.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: c437ba5166746ed2bf220a7a580cd5bc9c8bdfbf896b0fc3ea3b23c3f192e6d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Sat, 17 Dec 2022 12:44:32 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 8939
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-invitation-card-maker_dc60.jpg
newyearonline.com/images/styles/230/ 11 KB
11 KB 10ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/happy-new-year-invitation-card-maker_dc60.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 9a4cd329a5814670f907f0d2530222b58adb10fb722bf4c1c382e5eaa6633ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Sun, 11 Dec 2022 06:31:42 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11025
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-images_fd37c.jpg
newyearonline.com/images/cats/350/ 124 KB
124 KB 13ms
12ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/cats/350/happy-new-year-images_fd37c.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 41dfc544d0e70a97371acea8f76c9d7fa8eb4959058d6c52268649b5a8a65855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Sat, 31 Dec 2022 12:50:08 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 126645
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-card-with-name_202ca.jpg
newyearonline.com/images/cats/350/ 114 KB
114 KB 11ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/cats/350/happy-new-year-card-with-name_202ca.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 89dabbce3eae10a16557c7e06bec014e492af73b208adbde898349c3d013c1eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Tue, 25 Oct 2022 09:04:21 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 116916
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-frame_e01d4.jpg
newyearonline.com/images/cats/350/ 100 KB
100 KB 11ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/cats/350/happy-new-year-frame_e01d4.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: ed4405868f9d9bfeaa2379eb2221385d4650cb7182919263d3d2c6e53faa201f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Tue, 25 Oct 2022 09:04:22 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 102572
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-wishes-with-name_3011d.jpg
newyearonline.com/images/cats/350/ 177 KB
177 KB 12ms
11ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/cats/350/happy-new-year-wishes-with-name_3011d.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: eaf6ce592db42405fb7bcb7fa4bc5e1d5c07ac9bf2ab91c910667af393ff5560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Tue, 25 Oct 2022 09:04:20 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 180791
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-cake-with-name_2b885.jpg
newyearonline.com/images/cats/350/ 169 KB
170 KB 10ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/cats/350/happy-new-year-cake-with-name_2b885.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 5d1ebd76dd85c2246c3a91c84355c356fa8eaf32b6e8b5653b3db9e1aa565701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Tue, 25 Oct 2022 09:04:24 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 173541
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-wish-with-photo_591f.jpg
newyearonline.com/images/styles/230/ 8 KB
9 KB 10ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/happy-new-year-wish-with-photo_591f.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: 858ea9ca402c560e6bcd7baf5139addf2511d60be3a30e8f379d16063767fbb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Tue, 19 Jul 2022 06:24:42 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8545
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK create-new-year-wish-by-name_34f6.jpg
newyearonline.com/images/styles/230/ 13 KB
13 KB 12ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/create-new-year-wish-by-name_34f6.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: cf21eea17015b59c5236fa11b548a38dba6edb19c6c6827ecc06824b28d0d14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Wed, 01 Jul 2020 08:54:30 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 12934
Expires: Sun, 14 Jan 2024 02:46:34 GMT

GET
H/1.1 200
OK happy-new-year-wishes-with-name-and-photo-edit_3d1b.jpg
newyearonline.com/images/styles/230/ 10 KB
11 KB 10ms
10ms Image
image/jpeg 144.91.91.188
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyearonline.com/images/styles/230/happy-new-year-wishes-with-name-and-photo-edit_3d1b.jpg
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.91.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi181227.contaboserver.net
Software: Apache /
Resource Hash: f27e386cd47d5a3a9577f0e0d034b72a49d7da8bd33f0a92c68cf168f06900f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 02:46:34 GMT
Last-Modified: Wed, 27 Oct 2021 14:32:03 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 10671
Expires: Sun, 14 Jan 2024 02:46:34 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 467ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EH6HBTCHGL&gtm=2oe1a1&_p=662859201&cid=1353498027.1673664395&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673664394&sct=1&seg=0&dl=https%3A%2F%2Fnewyearonline.com%2F&dt=Happy%20New%20Year%202023%20With%20Name&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH6HBTCHGL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newyearonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 71ms
70ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5124296369254848&plah=newyearonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa9c29b5d6f92f27e7948dfbf3eb4c1e6440476a3846dcd246502ffc06aba5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119973
x-xss-protection: 0
server: cafe
etag: 11115001340768239257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 14 Jan 2023 02:46:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame 6D08 10 KB
5 KB 322ms
19ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 01:12:28 GMT
etag: 10353107486223812946
expires: Sat, 28 Jan 2023 01:12:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
702 B 104ms
42ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newyearonline.com&callback=_gfp_s_&client=ca-pub-5124296369254848&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5124296369254848&plah=newyearonline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c58455f44246313ade0953fca2946d5ebb2e23d70d654477a13493c8db67853c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 361ms
282ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newyearonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 122ms
43ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newyearonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B413 251 KB
58 KB 883ms
851ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&adk=1812271804&adf=3025194257&lmt=1673664395&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fnewyearonline.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664394769&bpp=5&bdt=631&idt=260&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4632357276354&frm=20&pv=2&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=286

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f836c83d891f490adfb8e30f2bb240538b36b837d92af0ad2a4a7d040353a09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 59115
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:35 GMT
expires: Sat, 14 Jan 2023 02:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F52C 82 KB
30 KB 405ms
382ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=280&slotname=5715826538&adk=1005859416&adf=1839787983&pi=t.ma~as.5715826538&w=1200&fwrn=4&fwrnh=100&lmt=1673664395&rafmt=1&format=1200x280&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664394774&bpp=2&bdt=636&idt=287&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0aqED3oMWc&p=https%3A//newyearonline.com&dtd=292

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b2293735983abda130acb23af3f87dba35c098c579d07a61e6c492a9b72888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30458
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:35 GMT
expires: Sat, 14 Jan 2023 02:46:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame F52C 6 KB
768 B 44ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=280&slotname=5715826538&adk=1005859416&adf=1839787983&pi=t.ma~as.5715826538&w=1200&fwrn=4&fwrnh=100&lmt=1673664395&rafmt=1&format=1200x280&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664394774&bpp=2&bdt=636&idt=287&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0aqED3oMWc&p=https%3A//newyearonline.com&dtd=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 02:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 02:02:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 02:46:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16466493746143053049/ Frame F52C 19 KB
20 KB 126ms
47ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16466493746143053049/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

633ba6ee8e1070849e92229fe6eb4df88edaf431230d8b13a31f0d2115775037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 19:00:29 GMT
x-content-type-options: nosniff
age: 459966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19966
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:33:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Jan 2024 19:00:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F52C 2 KB
818 B 106ms
46ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F52C 0
0 64ms
63ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkkhFixfCY4yhB5mOrASaoZiACe6OlYBuqcT03t8QspHlm9YBEAEguMiSJ2CV4pCCoAegAeCB8PgoyAEJqQLG1kpOgyyyPqgDAcgDywSqBNMBT9DU9TXLo-slqGjYsQmAlgM8LMku16FCUqzvhLdivo4j4CoCDRI0zYEx2o69uzkf_oW8hTFMHPIjnkF9HPFoU3fD_vBUeUj483viJZfvxMHQjrkrVdKvd2_80VUGbKqGOBNn4I--LBUEsW-mnP9NmWII3HBvTCGcgZo4f-lzhTH6phwUlglmN7ENBPE4FGStz-A4ojW3Yj2w0molyfxX7qtGFnIB6CxnvxN6h54ye3xQLjZwyYon2ia9_D0yZRG8mdZ49z1A5qj_wwlBZJxLhTl2xMAEy6zWuJIEkgUECAQYAZIFBAgFGASgBi6AB-C5wNgDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQmrgC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTUxMjQyOTYzNjkyNTQ4NDgYAA&sigh=S_FoOFQI-Zw&uach_m=[UACH]&cid=CAQSGwDq26N9o8-E9pXgsKJUW3CLenJSRFlx4HzjLBgBIBM&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=280&slotname=5715826538&adk=1005859416&adf=1839787983&pi=t.ma~as.5715826538&w=1200&fwrn=4&fwrnh=100&lmt=1673664395&rafmt=1&format=1200x280&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664394774&bpp=2&bdt=636&idt=287&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0aqED3oMWc&p=https%3A//newyearonline.com&dtd=292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Jan 2023 02:46:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Jan 2023 02:46:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame F52C 22 KB
9 KB 79ms
20ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Jan 2023 02:06:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F52C 3 KB
1 KB 105ms
47ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame F52C 18 KB
7 KB 101ms
43ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F52C 157 KB
49 KB 192ms
98ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 02:46:35 GMT

GET
H2 200 4486906364f6b2babc33c791099553dd.js Show response
www.gstatic.com/mysidia/ Frame F52C 33 KB
14 KB 81ms
20ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4486906364f6b2babc33c791099553dd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 04:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 04:15:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 04:48:31 GMT

GET
DATA 200
OK truncated
/ Frame F52C 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5a732dc3fa0ccff1e578db0948389414c7d69d1b1bcd320069ab0a19e00e69d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F52C 15 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:33:08 GMT
x-content-type-options: nosniff
age: 198807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:33:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F52C 15 KB
15 KB 46ms
46ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 01:58:46 GMT
x-content-type-options: nosniff
age: 175669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 01:58:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F52C 15 KB
15 KB 57ms
57ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 19:33:00 GMT
x-content-type-options: nosniff
age: 198815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:33:00 GMT

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame ABE2 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:03:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 138ms
71ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f2f88cfd316d86e9a9a3da800d9e9b160b62c1351d32cc0d5dcb46bc39dd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10937
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa11dcf4bb4bdf092fed6957fa0df567592f815e7aa638f45c9d63033f544c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52349
x-xss-protection: 0
server: cafe
etag: 14177166633157187976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 Jan 2023 02:46:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 43ms
42ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newyearonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 43ms
42ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newyearonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A366 436 B
233 B 290ms
289ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=280&adk=1959859350&adf=2334688461&pi=t.aa~a.4204391091~i.5~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1673664396&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4932413235&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&pra=3&rh=200&rw=1550&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664396041&bpp=1&bdt=1904&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2186a265083f2f5d-22619e1c45db00b2%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ&gpic=UID%3D00000ba22c4b0f03%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw&prev_fmts=0x0%2C1200x280&nras=2&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&psts=ACgb8tunOVANbWH8yjeIda0hByg8-c9lqAVEBBl6-LY9_gesi7rg4oZdcDAUwyfQ38_MMRQiBsvDLMF9RNYE5bro_w&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=d8nXFd0Qww&p=https%3A//newyearonline.com&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5ea7d8915e1ed757926e459b67e3b0ee749ba9ccd2cebe9967e5f7441f82a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1059 31 KB
12 KB 475ms
475ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=250&adk=1089913611&adf=3416974341&pi=t.aa~a.2241233134~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1673664396&rafmt=1&to=qs&pwprc=4932413235&format=317x250&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664396051&bpp=1&bdt=1913&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2186a265083f2f5d-22619e1c45db00b2%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ&gpic=UID%3D00000ba22c4b0f03%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1276&ady=1429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&psts=ACgb8tunOVANbWH8yjeIda0hByg8-c9lqAVEBBl6-LY9_gesi7rg4oZdcDAUwyfQ38_MMRQiBsvDLMF9RNYE5bro_w&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EzaIn5KbOB&p=https%3A//newyearonline.com&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64b0a19dc92b8c40d9e98bb78ad4ac4dffd31c97be6d84594398f6b9dc8f01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 66ms
65ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 02:46:36 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newyearonline.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
43ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newyearonline.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 023C 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 01:12:24 GMT
etag: 10353107486223812946
expires: Sat, 28 Jan 2023 01:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame B4D4 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 01:12:24 GMT
etag: 10353107486223812946
expires: Sat, 28 Jan 2023 01:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 023C 4 KB
636 B 211ms
211ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 02:02:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 02:46:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 023C 205 B
518 B 21ms
21ms Image
image/png 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:08:32 GMT
x-content-type-options: nosniff
age: 5884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Jan 2024 01:08:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 023C 604 B
695 B 23ms
23ms Image
image/png 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:01:04 GMT
x-content-type-options: nosniff
age: 20732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Jan 2024 21:01:04 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 023C 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8191
x-xss-protection: 0
server: cafe
etag: 7335088802737092762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:55:52 GMT

GET
H2 200 1fa652aa70ababc78244f8b54c5f124c.js Show response
www.gstatic.com/mysidia/ Frame B4D4 9 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efaee115f8c9c7c11e2e17bd4d580db1136571500686a8f68cdba7a5117576a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4234
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:13 GMT

GET
H2 200 53fc7b95e2e7da56f9754d97b9eef8af.js Show response
www.gstatic.com/mysidia/ Frame B4D4 10 KB
5 KB 42ms
42ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/53fc7b95e2e7da56f9754d97b9eef8af.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee4faaed51a230b371a20f4dbe1551889b4eb9636f0a72e03332f4af24834be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4647
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:58:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B4D4 8 KB
895 B 204ms
204ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 02:26:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 02:46:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B4D4 2 KB
799 B 71ms
68ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame B4D4 22 KB
9 KB 68ms
67ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Jan 2023 02:06:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B4D4 3 KB
1 KB 71ms
69ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame B4D4 18 KB
7 KB 69ms
68ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4D4 157 KB
48 KB 94ms
93ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 02:46:36 GMT

GET
H2 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame B4D4 33 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBA8 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 155172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 07:40:24 GMT
expires: Fri, 12 Jan 2024 07:40:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 642D 783 B
970 B 136ms
44ms Document
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d2933fb366213f9e5598e4fdb0a9e6f56791c8d831f6d5bcb4e4225fb723561

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4eOvTjyHvtGPosNfPC84XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newyearonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-4eOvTjyHvtGPosNfPC84XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
expires: Sat, 14 Jan 2023 02:46:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17790311148257100460/ Frame B4D4 823 B
850 B 20ms
20ms Image
image/png 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17790311148257100460/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1423874154d166413313fdc4f1f751b52502bdcb9f6b1683784284f4f900a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 10:04:58 GMT
x-content-type-options: nosniff
age: 405698
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 823
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 18:41:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jan 2024 10:04:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B4D4 0
0 66ms
65ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLhiPixfCY5GUB9OSjuwPiPePsAfrudq3brybkcDBEMPvj5yuIxABILjIkidgleKQgqAHoAGSmav8AsgBAagDAaoE0wFP0MgnX7nxePaSWY4twvmOtlwYIYJI7FVETT_d4bmgynjveTZgpGZF_KYlDkxFfle_5bNfB22TUVmHL0I_ptK52F4wyMbQ60dpfUAelv2HU7holfPiCxTKbhiwqHmrWtbFMTUoIg24nb2ZeYViiaUENawO7e4E681uhHbhr11smGI6Ou3W-P3H4TRPXvU0ychQezmpi0b829J9UUC04FhL8bmRPTVaq2-fo7VKhq1FGS5jZ62IIxjcz-hepacIBt-P_kJ4r1eiTWaaTubhB7xh0vGewASNscbIhQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCNnQrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MTI0Mjk2MzY5MjU0ODQ4GAA&sigh=VrxPTB3ci40&uach_m=[UACH]&cid=CAQSGwDq26N91Uu8UDNcDBBk-eYI7i5IOjbyHnY4ChgBIBM&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Jan 2023 02:46:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 839D 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:43:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B4D4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 705501d23f1153abd238587939c61c8a4040246d47873277253c2c7f3605e326

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame EBA8 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:03:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 839D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

87ms
82ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
expires: Sat, 14 Jan 2023 02:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D299 0
0 62ms
62ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdOLVjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTFAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqXoGGteqJYM5rKPfFiXddWp4HnHstkVv-jvBjfCJjF0YFcVEV5ZYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MTI0Mjk2MzY5MjU0ODQ4GAA&sigh=upddPksYb5A&uach_m=[UACH]&cid=CAQSOwDq26N9tGSHT-k9IYywfqPCj3MmOxrkJ6rMjePyqbOkzztsqUk1I1brp_LGGOyPkEI2TSt0Skwc3WHQGAEgEw

Requested by

Host: newyearonline.com
URL: https://newyearonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=250&adk=1089913611&adf=3416974341&pi=t.aa~a.2241233134~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1673664396&rafmt=1&to=qs&pwprc=4932413235&format=317x250&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664396051&bpp=1&bdt=1913&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2186a265083f2f5d-22619e1c45db00b2%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ&gpic=UID%3D00000ba22c4b0f03%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1276&ady=1429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&psts=ACgb8tunOVANbWH8yjeIda0hByg8-c9lqAVEBBl6-LY9_gesi7rg4oZdcDAUwyfQ38_MMRQiBsvDLMF9RNYE5bro_w&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EzaIn5KbOB&p=https%3A//newyearonline.com&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 14 Jan 2023 02:46:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D299 0
0 703ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kbbed6f94873bp260rgjdjs0azq2ezy603y3jgwhm9nxnj78sk7f7hrz5v4tv7g1y23fsafgdjpr492xzaazx4556d3rsevh8taw7jf3bxy9fkt1e11z1677bgr2j1jgrc769qmmr0d98rht22mefrk90w7jjkkbb13ejyhq2f74hr3r89dp6d5wyvgr8hgsezb7m7e3yjhrc5cvkz4q20jg5xf41k5y8yryxs2818fs6ghbzcv7e1t2f38m439knq4hm2k7nz4k7cj4a984vb6edr65y3bx93g7bwjwg4xtv5dqxw93vef9n2gh7f07xm6m0h44rq9q0hbsft9kqwr2n5zb2g1rgqkf9jzqt7kws94cpaya0bb5e7zqwpqwa60&b=Y8IXjAABSA4Kd_5IAAkbaYnJlUeVg6KPROZNyw
Requested by: Host: newyearonline.com
URL: https://newyearonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 14 Jan 2023 02:46:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame CE08 2 KB
2 KB 57ms
26ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jey3y1h49j6ys4221rr6rvr80jff4fchg70dp55wnsqfy28hhxsacmjtgv5jd25fdp3qdddrqqnq80nfwcrqqfr9xsga52f6kq55vdy69k346g347aahtrn0q0w9xkfcqcykxtbg5rmgz6tz86w8gga43hcx2recpje0emdh20s5s4edfpeszf6qcxk273x0a2sr2f88qkfyf7zc9xycswv0qgajw9az77tn02t16p4xhr9kw788g2b0esybmrx0b8kzd0qv66tssxxw6wfdvz545pgcprhxr2wbxb5m17g3y1z4naxvs9xc7jgvvd2pxwnx9j53wp5yqedr3xa2s7mp9afznnnybq7e6mwkrj3fsbynq5mwrqtmajmchwpfnr0zzwses66ymfzr5tnd8smqzmfyh4e4c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%26client%3Dca-pub-5124296369254848%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=250&adk=1089913611&adf=3416974341&pi=t.aa~a.2241233134~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1673664396&rafmt=1&to=qs&pwprc=4932413235&format=317x250&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664396051&bpp=1&bdt=1913&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2186a265083f2f5d-22619e1c45db00b2%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ&gpic=UID%3D00000ba22c4b0f03%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1276&ady=1429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&psts=ACgb8tunOVANbWH8yjeIda0hByg8-c9lqAVEBBl6-LY9_gesi7rg4oZdcDAUwyfQ38_MMRQiBsvDLMF9RNYE5bro_w&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EzaIn5KbOB&p=https%3A//newyearonline.com&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7960cca05787df7987c44a850f3f86268a0defaadb92f80f360771092092f24

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78930aceebb89195-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame D299 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 392C 1 KB
643 B 74ms
73ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 07:28:03 GMT
etag: 48472445140208031
expires: Sat, 14 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame D299 18 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D299 0
0 42ms
40ms Image
text/html 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3bu4olUvSUa529Nh_0NIAGKHjcbtnhm-zqhHW94taqnwdEhQm7X50-bG6A7s8bNKnTtmUkWn1AQpFZ-z7gH7NNUe92Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=250&adk=1089913611&adf=3416974341&pi=t.aa~a.2241233134~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1673664396&rafmt=1&to=qs&pwprc=4932413235&format=317x250&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664396051&bpp=1&bdt=1913&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2186a265083f2f5d-22619e1c45db00b2%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ&gpic=UID%3D00000ba22c4b0f03%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1276&ady=1429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&psts=ACgb8tunOVANbWH8yjeIda0hByg8-c9lqAVEBBl6-LY9_gesi7rg4oZdcDAUwyfQ38_MMRQiBsvDLMF9RNYE5bro_w&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EzaIn5KbOB&p=https%3A//newyearonline.com&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D299 157 KB
48 KB 58ms
58ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 02:46:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5AE6 8 KB
895 B 68ms
67ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 02:02:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 02:46:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 5AE6 2 KB
765 B 40ms
40ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 5AE6 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Jan 2023 02:06:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 5AE6 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 5AE6 18 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jan 2023 19:08:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AE6 157 KB
48 KB 78ms
77ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 02:46:36 GMT

GET
H3 200 3dc49c9b9e6a6b78323daad710439309.js Show response
www.gstatic.com/mysidia/ Frame 5AE6 33 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14046
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 01:56:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 642D 0
0 53ms
52ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=4022692958424754&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D299 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e1addc6bee8895f25ea48a5d39ba47f4d452d07348da2eb0688ec5f06a8aec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame CE08 89 KB
11 KB 16ms
16ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jey3y1h49j6ys4221rr6rvr80jff4fchg70dp55wnsqfy28hhxsacmjtgv5jd25fdp3qdddrqqnq80nfwcrqqfr9xsga52f6kq55vdy69k346g347aahtrn0q0w9xkfcqcykxtbg5rmgz6tz86w8gga43hcx2recpje0emdh20s5s4edfpeszf6qcxk273x0a2sr2f88qkfyf7zc9xycswv0qgajw9az77tn02t16p4xhr9kw788g2b0esybmrx0b8kzd0qv66tssxxw6wfdvz545pgcprhxr2wbxb5m17g3y1z4naxvs9xc7jgvvd2pxwnx9j53wp5yqedr3xa2s7mp9afznnnybq7e6mwkrj3fsbynq5mwrqtmajmchwpfnr0zzwses66ymfzr5tnd8smqzmfyh4e4c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%26client%3Dca-pub-5124296369254848%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jey3y1h49j6ys4221rr6rvr80jff4fchg70dp55wnsqfy28hhxsacmjtgv5jd25fdp3qdddrqqnq80nfwcrqqfr9xsga52f6kq55vdy69k346g347aahtrn0q0w9xkfcqcykxtbg5rmgz6tz86w8gga43hcx2recpje0emdh20s5s4edfpeszf6qcxk273x0a2sr2f88qkfyf7zc9xycswv0qgajw9az77tn02t16p4xhr9kw788g2b0esybmrx0b8kzd0qv66tssxxw6wfdvz545pgcprhxr2wbxb5m17g3y1z4naxvs9xc7jgvvd2pxwnx9j53wp5yqedr3xa2s7mp9afznnnybq7e6mwkrj3fsbynq5mwrqtmajmchwpfnr0zzwses66ymfzr5tnd8smqzmfyh4e4c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%26client%3Dca-pub-5124296369254848%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 309560
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5TJ%2FvwYFhiJ%2FxInKpzgc79EZ1J7uhRrRsMCBoSrEFPjj8MLMRGcy1Hqc4IckfmyW6ByaC9Ywu8nvqBwgS7%2FjGMaMCSwNdX0bnqqZXsXCJBPmHWqUs1uppbCabo%2B3E5%2BqUp1%2BB4Y5w0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 78930acf2bde9195-FRA
expires: Sat, 14 Jan 2023 03:46:36 GMT

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame CE08 36 KB
12 KB 37ms
23ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jey3y1h49j6ys4221rr6rvr80jff4fchg70dp55wnsqfy28hhxsacmjtgv5jd25fdp3qdddrqqnq80nfwcrqqfr9xsga52f6kq55vdy69k346g347aahtrn0q0w9xkfcqcykxtbg5rmgz6tz86w8gga43hcx2recpje0emdh20s5s4edfpeszf6qcxk273x0a2sr2f88qkfyf7zc9xycswv0qgajw9az77tn02t16p4xhr9kw788g2b0esybmrx0b8kzd0qv66tssxxw6wfdvz545pgcprhxr2wbxb5m17g3y1z4naxvs9xc7jgvvd2pxwnx9j53wp5yqedr3xa2s7mp9afznnnybq7e6mwkrj3fsbynq5mwrqtmajmchwpfnr0zzwses66ymfzr5tnd8smqzmfyh4e4c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%26client%3Dca-pub-5124296369254848%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653d5d8d92af158103ec840c38deff5b257d193fad691c816afc2b67c3e3fdfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:18:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 332875
etag: W/"efdee0a9d60608a1063e7dc3a6f356bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=314G1JqKAj8VIcQEB1sbR27YcQD4HEiSItynQfnhKaM5q3v0cz85rQOOOa%2BzVfoYrRgHKomn6EDhNQmCcH3wPxuS1D%2Bw33D066K4Hckx38olpyB%2Bw%2BmVWLuhbJKCiCltu0iTlF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78930acf3bf29195-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 10 Jan 2023 06:18:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A16 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:43:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 392C 0
191 B 106ms
13ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEPOd1sEqR6M3GTTF4Q2ZcRU&google_cver=1&google_push=AavPq0OiSm4q18B0yjz2A-NF4xbH0ClwCSegBjgvI-RTEebBZhHRVSNLEEFgV7eI86GtcOMW2DDa3wzGiIgFvnDSwA_1-KqhpoHozEI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5124296369254848&output=html&h=250&adk=1089913611&adf=3416974341&pi=t.aa~a.2241233134~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1673664396&rafmt=1&to=qs&pwprc=4932413235&format=317x250&url=https%3A%2F%2Fnewyearonline.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673664396051&bpp=1&bdt=1913&idt=1&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2186a265083f2f5d-22619e1c45db00b2%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ&gpic=UID%3D00000ba22c4b0f03%3AT%3D1673664395%3ART%3D1673664395%3AS%3DALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=4632357276354&frm=20&pv=1&ga_vid=1353498027.1673664395&ga_sid=1673664395&ga_hid=662859201&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1276&ady=1429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44779794%2C31071301&oid=2&psts=ACgb8tunOVANbWH8yjeIda0hByg8-c9lqAVEBBl6-LY9_gesi7rg4oZdcDAUwyfQ38_MMRQiBsvDLMF9RNYE5bro_w&pvsid=4022692958424754&tmod=1458073932&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EzaIn5KbOB&p=https%3A//newyearonline.com&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 14 Jan 2023 02:46:35 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 392C
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIp5lkplwOjx4mAVu37833E&google_cver=1&google_push=AavPq0PKxYE-k3iFxf8tvPdFYWziBAbBtak-i4vSeEQuW1_0tcbpLVRnp0LfUz5GoUg-VmlY39JMhJHhOsEX28-I9ilXyN9H8L1ZEg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0PKxYE-k3iFxf8tvPdFYWziBAbBtak-i4vSeEQuW1_0tcbpLVRnp0LfUz5GoUg-VmlY39JMhJHhOsEX28-I9ilXyN9H8L1ZEg&google_hm=Q0FFU0VJcDVsa3Bsd09...

170 B
232 B

50ms
50ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0PKxYE-k3iFxf8tvPdFYWziBAbBtak-i4vSeEQuW1_0tcbpLVRnp0LfUz5GoUg-VmlY39JMhJHhOsEX28-I9ilXyN9H8L1ZEg&google_hm=Q0FFU0VJcDVsa3Bsd09qeDRtQVZ1Mzc4MzNF

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 02:46:36 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0PKxYE-k3iFxf8tvPdFYWziBAbBtak-i4vSeEQuW1_0tcbpLVRnp0LfUz5GoUg-VmlY39JMhJHhOsEX28-I9ilXyN9H8L1ZEg&google_hm=Q0FFU0VJcDVsa3Bsd09qeDRtQVZ1Mzc4MzNF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 392C
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHqvzOxJBuh0S2GNJrUgmko&google_cver=1&google_push=AavPq0PdUa7Acc5TugK4HN5Kmca9eFVNAigrO05Ii-HQo0OeQUh3bVUFZSNPehx7swe_vDjNJoSkTKjYcP3lcvsz...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7Lj_AsSrS8GVAI2wqTh8tw2&google_push=AavPq0PdUa7Acc5TugK4HN5Kmca9eFVNAigrO05Ii-HQo0OeQUh3bVUFZSNPehx7swe_vDjNJoSkTKjYcP3lcvszHZRCeQHjVFmeKzg

170 B
232 B

46ms
46ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7Lj_AsSrS8GVAI2wqTh8tw2&google_push=AavPq0PdUa7Acc5TugK4HN5Kmca9eFVNAigrO05Ii-HQo0OeQUh3bVUFZSNPehx7swe_vDjNJoSkTKjYcP3lcvszHZRCeQHjVFmeKzg

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 14 Jan 2023 02:46:36 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7Lj_AsSrS8GVAI2wqTh8tw2&google_push=AavPq0PdUa7Acc5TugK4HN5Kmca9eFVNAigrO05Ii-HQo0OeQUh3bVUFZSNPehx7swe_vDjNJoSkTKjYcP3lcvszHZRCeQHjVFmeKzg
x-host: tde-deliveryengine-production-fb497649f-jxh94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 392C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECPqFV6J2Gx8hVh3HabF4mo&google_cver=1&google_push=AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdilqp-ou...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECPqFV6J2Gx8hVh3HabF4mo&google_cver=1&google_push=AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdi...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdilqp-ouDAT3fmPLFQ&google_hm=hNRi_rmYTgeXlvey0UCLsA==

170 B
232 B

45ms
43ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdilqp-ouDAT3fmPLFQ&google_hm=hNRi_rmYTgeXlvey0UCLsA==

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdilqp-ouDAT3fmPLFQ&google_hm=hNRi_rmYTgeXlvey0UCLsA==
date: Sat, 14 Jan 2023 02:46:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 392C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDM58_mm7DfKCI6SDDfUYUA&google_cver=1&google_push=AavPq0N__KL6IbjgeyScQexE8QmjS4zUs9qKtLuJg91IGE4CmEt1aZrb-Sfu6Bw2jLdM_DoS3prC1iTdKm9sgHdPDFiB-KY...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N__KL6IbjgeyScQexE8QmjS4zUs9qKtLuJg91IGE4CmEt1aZrb-Sfu6Bw2jLdM_DoS3prC1iTdKm9sgHdPDFiB-KYV9uB8QGs&google_hm=eS1JUGoub09SRTJwRi5...

170 B
329 B

45ms
44ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N__KL6IbjgeyScQexE8QmjS4zUs9qKtLuJg91IGE4CmEt1aZrb-Sfu6Bw2jLdM_DoS3prC1iTdKm9sgHdPDFiB-KYV9uB8QGs&google_hm=eS1JUGoub09SRTJwRi5EekFvWFFPOFJ2SHFnakZ5bWpJTX5B

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 14 Jan 2023 02:46:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N__KL6IbjgeyScQexE8QmjS4zUs9qKtLuJg91IGE4CmEt1aZrb-Sfu6Bw2jLdM_DoS3prC1iTdKm9sgHdPDFiB-KYV9uB8QGs&google_hm=eS1JUGoub09SRTJwRi5EekFvWFFPOFJ2SHFnakZ5bWpJTX5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 392C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKT6YPAtSeNhEoz6LbCcWdk&google_cver=1&google_push=AavPq0PZr5XPTzfuKjOro0dBQUhquhFaD-5swSYrv9qgGFqxteHyhSaXX43NEDetSPXFlCW0Z0...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKT6YPAtSeNhEoz6LbCcWdk&google_cver=1&google_push=AavPq0PZr5XPTzfuKjOro0dBQUhquhFaD-5swSYrv9qgGFqxteHyhSaXX43NEDetSPXFlCW0Z0...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uMmVZbUw5RTJ1RkswTlhDc2k1Ymg2ZktJc0lnYzZTMH5B&google_push=AavPq0PZr5XPTzfuKjOro0dBQUhquhFaD-5swSYrv9qgGFqxteHyhSaXX...

170 B
232 B

86ms
86ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uMmVZbUw5RTJ1RkswTlhDc2k1Ymg2ZktJc0lnYzZTMH5B&google_push=AavPq0PZr5XPTzfuKjOro0dBQUhquhFaD-5swSYrv9qgGFqxteHyhSaXX43NEDetSPXFlCW0Z0H45Smkh4GdbggisXOFc1cy06O12kBo

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uMmVZbUw5RTJ1RkswTlhDc2k1Ymg2ZktJc0lnYzZTMH5B&google_push=AavPq0PZr5XPTzfuKjOro0dBQUhquhFaD-5swSYrv9qgGFqxteHyhSaXX43NEDetSPXFlCW0Z0H45Smkh4GdbggisXOFc1cy06O12kBo
date: Sat, 14 Jan 2023 02:46:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame 392C
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGhe2i0LrL8axFJY7i9J-xU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PiBlKHV3Vm8Rma1CMkab3t3NCnKbg4pI4Hp11HG-wpQ68pUv733JBg28E4161HW9Kg2_-cy1QQZOSOWtNTLvZgkZg5VMBUIowo
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

65ms
65ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Sat, 14 Jan 2023 02:46:37 GMT
pragma: no-cache
date: Sat, 14 Jan 2023 02:46:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 392C 0
223 B 121ms
45ms Image
text/html 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JibHJAkJgwJkhu_qDP7bD3qXxs3mkp7RdIziUlr0Gvw2jnLaNJjG8z-uq8Ng7leXMfHsPkixk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A16
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
expires: Sat, 14 Jan 2023 02:46:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CE08 3 KB
4 KB 47ms
16ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30568678
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1QuWLbKv4MYIzSgiZSt8R7y1ouadzJHd6hh%2FDIqt1uhjz6DkCHzyTt9Q9lQnDRZ9EGxRfYCBi5KTM%2FZySqOAXPTNk1RAJGsMulLGspwx6o7aaYPuWGE14TR%2FPoNK41trCkeSOEf7xHoqk9cvRyf%2BkQy"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78930acfbe02bbd3-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 76E9 2 KB
1 KB 17ms
17ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 115043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78930acf8e1b5bf5-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 02:46:36 GMT
expires: Thu, 12 Jan 2023 18:57:16 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNr7tQNCXO8QhwZPYf4kfueCbcnQZYGivsJRYfCKhirZi1TDQQR8VqfPb9SbVv6g1E9PQ34%2FCsHwBI9Q%2BGCWnOGlc87xDypIWKs7FkeM5sCP%2BAJboxQQO91FJ4nEtjh6IDFdU5c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame CE08 1 KB
2 KB 27ms
27ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58d5e8e476a6e7c0ac4c571adac23fc9f9a3a8b2a1d1b983a3da05638107382

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Jan 2023 02:46:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08HckLvQEfJJTyhAeEFvj1HQ8WTxR9r9iz6Bc1bJ5mzS196gS8ClSKiFtdAF6wDRiGMYWTIGbr6dib8CiEGIRQVSboCh%2BlQah2Ef3TJQ9hIdJS%2FRTGpd4aiWb0z3PrwFxIEBelQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78930ad06b1a91f3-FRA
x-backend-server: aa-reachservice-group-europe-west1-n39k
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 39ms
28ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78930ad03afe91f3-FRA
content-length: 24
content-type: text/plain
date: Sat, 14 Jan 2023 02:46:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4ComQEaQ0sTd37uFDtq7M5fvDpv0G6jPwQN%2FGqt69f%2Bvl0Ucm6tabBfxH%2BEElxI43c1U1T6Ed94OsmPyFs9xHikD%2Bpl6nXintZT8cbWqiUjHvYSpn%2BClC5rNp%2FvKUjrbSJb6Dw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n39k

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EF1 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: newyearonline.com
URL: https://newyearonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 10:03:30 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame C708 12 KB
4 KB 30ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01b2dd3ce330716dfd1b6c0c4b4ecdd03b91ad6bd2e72ab884d11b40fbc4a188

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jey3y1h49j6ys4221rr6rvr80jff4fchg70dp55wnsqfy28hhxsacmjtgv5jd25fdp3qdddrqqnq80nfwcrqqfr9xsga52f6kq55vdy69k346g347aahtrn0q0w9xkfcqcykxtbg5rmgz6tz86w8gga43hcx2recpje0emdh20s5s4edfpeszf6qcxk273x0a2sr2f88qkfyf7zc9xycswv0qgajw9az77tn02t16p4xhr9kw788g2b0esybmrx0b8kzd0qv66tssxxw6wfdvz545pgcprhxr2wbxb5m17g3y1z4naxvs9xc7jgvvd2pxwnx9j53wp5yqedr3xa2s7mp9afznnnybq7e6mwkrj3fsbynq5mwrqtmajmchwpfnr0zzwses66ymfzr5tnd8smqzmfyh4e4c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%26client%3Dca-pub-5124296369254848%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78930ad0ff3f5bf5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 02:46:36 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F52C 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmGxE2Qp16lgRREhtYSmjwO8znYdA6MeqOspaEd6tAHF2e7z9Ivi1qMnWidfLENmtVreg95Em-NQgFJ9BGm1QJMvNPgOG4Q6VEG5JnDHEQAIrmSW4znSgRvadR0Lh3gDUqqzrZAg&sai=AMfl-YRvgDGXAN2DvgKcWl1d3XEx5NOO-MWYElOdxWWvvoY2irg5Bfnc-EGxHDupeYwaG0IV1ZQfpaQgzsPIDL8&sig=Cg0ArKJSzEl4eS-ZFvF2EAE&cid=CAQSGwDq26N9o8-E9pXgsKJUW3CLenJSRFlx4HzjLBgBIBM&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1005859416&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673664395067&rpt=849&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame C708 89 KB
11 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 309561
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZSQvxjZWiVBMBXHO7F2EUUuO%2BSNDxfMXQShkLVitG%2FGMZoMmM%2BS0%2FzxRo4GOSQW9ZUQ7VpTvOJQapwl%2FQjrg51AjHkUlPgpskbhqT9P8IxdlR%2BxKnPuqBbZplib3gjXnLuZhSI9aVI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 78930ad13f6b5bf5-FRA
expires: Sat, 14 Jan 2023 03:46:37 GMT

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame C708 16 KB
16 KB 38ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2105589
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYeHYtmUP7S04Yi1EnkQJoSwZPDFF1AYllDz33BSbnUbmk6%2FkasfdAd2FjEXH00tuHZvIit22Q86ZUzOlzHf7RhViSNom0OpZG%2BnKSJUwlc59%2Br61z70K4j1pc7pAxhWCnZZ27c7rPf7sy%2BY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78930ad15d8a9195-FRA
expires: Sun, 15 Jan 2023 02:46:37 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame C708 222 KB
222 KB 25ms
15ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 942554
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQZMp5a0cgl2NBobzQQLZzDaAmdDSz4gRw%2FpXYv4F91c1HUcSs8lPJAq0F05Q%2Fccy%2BHA7lpSNvhl%2FGJOvtHocRhQQWcKmWNmsYwO1Epq2qdK1dDzYWiZVKL5z04e4fdNoT8tvYU9Fx8rR2aO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78930ad15d8b9195-FRA
expires: Sun, 15 Jan 2023 02:46:37 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame C708
Redirect Chain

https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1673664397_aa38db90-93b5-11ed-a520-22653408fd8a&insert=AW&&gdpr=0&gdpr_consent=

0
639 B

73ms
35ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1673664397_aa38db90-93b5-11ed-a520-22653408fd8a&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
via: 1.1 additional-webserver-blue-115j (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 525241573
cache-control: no-cache
cf-ray: 78930ad349e82be8-FRA
expires: -1

Redirect headers

Date: Sat, 14 Jan 2023 02:46:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1673664397_aa38db90-93b5-11ed-a520-22653408fd8a&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
assets.ad4m.at/logo/ Frame C708 3 KB
4 KB 24ms
14ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 288062
cf-polished: origFmt=png, origSize=11554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3224
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 07:30:35 GMT
server: cloudflare
etag: "1ca6a79380ae53c080c2e12b38bdb5eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FObEEBogQXTVcUpOt6QBqvdZiFkNu3HCiToWwMul4OjNSknVv5CNRUaQTRc0CUv9uMxWIZc47WHmcCvpJnAnXdWUUK%2BeHYNQoJIVKYlpNUtq9PV%2F%2FgzAExsohu7I8BoLYlgKjgdFaMVoI%2FzV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78930ad15d8d9195-FRA
expires: Sun, 15 Jan 2023 02:46:37 GMT

GET
H2 200 43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
assets.ad4m.at/product_image/ Frame C708 296 KB
296 KB 32ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 288062
cf-polished: origFmt=png, origSize=466926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302728
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 12:39:43 GMT
server: cloudflare
etag: "45f5fed59fc1f13fbebb41146459eb81"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18xjQ29SwjFttjrMF2cFFefbQld%2BC3PhOctTHhhkDGnaTPfwJ1YHg9Awy4v9trXK%2Fe89zfGtjmCgorLPnu35xMqLujnI54SbGXT05zJ0akdY1t0G61oV8ZBbr08O3c4qmm5hIlXY712KQ0iE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78930ad15d8e9195-FRA
expires: Sun, 15 Jan 2023 02:46:37 GMT

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame C708 127 KB
128 KB 32ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1739555
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvgHt3avWFf94BPkbEOqA44ObWfBicgO5qyWupxythPDdRnPPSH9KNkytyAeD%2Bq0Yc%2B4kbem1U6%2BvSn7l6k2BCfxKzZwYDC4CfS%2BvEIkAOAq%2FmYGH3PZBYoSiRpAshmAwHVxmlmRKO9f6BxD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78930ad15d909195-FRA
expires: Sun, 15 Jan 2023 02:46:37 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame C708 461 KB
462 KB 32ms
23ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1666760
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFD8ZX71C5PXP%2BsnkAYuZoN6qu5YeQm%2FWQfZ4X9LFVhUMot0dVrOQnQ0f1kT8xyNodwksVXNAyEzxTeP92nhb8n8O52F17pFAOWYGlkVxrUx3qpyhdzbUG2sUizYKFak63HLOEpcqAyLtYsc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78930ad15d929195-FRA
expires: Sun, 15 Jan 2023 02:46:37 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame C708 2 KB
2 KB 148ms
59ms Script
text/html 13.41.252.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kyc39zk9vad4263gfr3c0zejgbzd4zfbqgyympgkj63er5yxcgv2ajbv037d5y6p3jc7gms93ersjsqwy0mmn5bm918x9ctkw7d2axf8bf99pdjkr02wdc51dcwdhymt2j9ets7b8stpwrhx7gh84jk610zrxqf4j941dw9z5aq3rz53ymzyz3wj2gqx58fahe4d61ery8q0t9xkdxxb5k4g981827ge1xjfd9jdt3t6f7f3ahqskfpg98q8x109572r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%252526client%25253Dca-pub-5124296369254848%252526adurl%25253D&clickref=oneidprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaEoneid__dc_reach_suite02wkz&viewref=oneid54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.252.217 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ddc1bc778beeb7c63835cb4e310c1be091d1add0cbb846563d49e727a8f17418

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
last-modified: Sat, 14 Jan 2023 02:46:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 14 Jan 2023 02:47:37 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame C708 1 KB
2 KB 162ms
73ms Script
text/html 13.41.252.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k5h17q9ray4a7c0npfw97x5xqns1vbhv0p9zw7rm4vekjrhfbdgeb4sejxs50y8yb5t6mpve1978t6x0eqt43fbwcjcsx41qarmg408wda928hx6wy3p38jh171mf39zpkpg8fd3eqr2vj8sjp3hn12vaeg2wq7akf2w1drnc518n3036ey5dtmxscejkwfn92dpk7563fhzbj80dapay598kn17hf9tea8ywqrm9zhnnh3jnnrmre1x50fx6jrdk0g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%252526client%25253Dca-pub-5124296369254848%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.252.217 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 98318f0abe3d463518bae7374ba21a94ea91d1a6b5d3367d5daee5ff5e639ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
last-modified: Sat, 14 Jan 2023 02:46:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 14 Jan 2023 02:47:37 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame C708 85 KB
31 KB 68ms
6ms Script
application/javascript 65.9.66.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kyc39zk9vad4263gfr3c0zejgbzd4zfbqgyympgkj63er5yxcgv2ajbv037d5y6p3jc7gms93ersjsqwy0mmn5bm918x9ctkw7d2axf8bf99pdjkr02wdc51dcwdhymt2j9ets7b8stpwrhx7gh84jk610zrxqf4j941dw9z5aq3rz53ymzyz3wj2gqx58fahe4d61ery8q0t9xkdxxb5k4g981827ge1xjfd9jdt3t6f7f3ahqskfpg98q8x109572r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%252526client%25253Dca-pub-5124296369254848%252526adurl%25253D&clickref=oneidprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaEoneid__dc_reach_suite02wkz&viewref=oneid54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:31:18 GMT
content-encoding: gzip
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4520
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: E_mqecy0SZ6AcoxzFdV8_ytVmOyactQvo7QjDXHn9faCqtIbHwz4JQ==

GET
H2 200 1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif
cdn.track.production.webgains.team/295140/ Frame C708 19 KB
19 KB 48ms
6ms Image
image/gif 99.86.4.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1673664697&Signature=IXWwbSIPt2P740Z453Hy0eReiw6N7bZm6kcnyAaIEKljbuN22uJtqueHqd5cMQPeluV3TvRc0eWDH~07emPCBlTzXAvC3r09WOd8nBjiV6p-ij6l0DqH6Udb2AAyxL85h8U-bPsmsdL-AnzPPUpo9f6e0owCzK7L6Pqr-1RI0E56u9KQJcREsk1P83CDncNyTSyG2R~PEvCUweMNqgRotdok2yR253VswmfgEkHfEDXuY6ImRRY7Y0rWJeSgaXCtj4i90f4FPKYDTFkHfNZEz8OT62VW-8~7KL6lxNFYD-lg7Ab3p-B2gGWo7e7o~~koIMMIv6eb0mkCwTqi9PU83g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN (),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 14 Jan 2023 00:30:24 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 11:49:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 24327
etag: "c8717f93a87217b1c114134b189e2ca0"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 19052
x-amz-cf-id: SMLwTXyyF3aQ_T0YAKS4ufox__qd9Cbr1MMl7Ecuuh5bmyMANLx-JQ==

GET
H2 200 link.html
track.webgains.com/ Frame C708 48 KB
49 KB 88ms
88ms Image
image/gif 13.41.252.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=188429%2C321034%2C183975&b=3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad%2C54zSXfEfdzADUpH7HMt3tq7Z9cYSVTV4Qu1%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1&f=WKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2%2Cprmh1fgfKbJ4akH4HmtJC15Xec9SRTEXQaE%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV&c=300&d=250&e=&g=8a7cfd96839709822df86a8e43b27234%2F1441349466011970385&i=21596%2C111584%2C20597&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1673664396877&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g08wegpwxrqnf3zsn9a20k9m64cgnz2vjn8qtth26qxm461bxdxex7pswtzsmsh3zzxbsmjphdp733kzge6s1jbxh6fa6kysf59rdfm4jcec18gzx9k8drsr3qpg2n8v59z979vvk0cpe2rtkt2yfabbchb90sdem1eyx2cmvsp467qjbp7d4rs4pnf888d5ppxx004j8j9m6vhd1exg8gm8w8gx2zepg2dghn6tw2z30gkc8vhxknphs4zsjh3s053r9e1af7tp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVfSdjBfCY46QBcj83wPptqSwB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTUxMjQyOTYzNjkyNTQ4NDjIAQmpAl0ahl8AK7I-qAMBqgTIAU_QkA6bepsCuLl0NnZcfnq4syXTP2YYcv_Y66NOQTibUkzTytOQQXzkyNkwwN4qKgGaZGWU9zAUh3aJ_tGkDx8tN4qZmza6iWn8WtynfrwEtVdSETqJxjfKoUYbIWXLzLaEloaAqhkhpT-uPpP8OYKWVKArZ86hV4ga8OWt0qsnXRRS6opu5192oJjYgj1SARYr_mG5U9BIELxsuIUMqTgEO0V93AR5ZCSXgP-U55hBCntBvGt3J7sDxGJxGEM0DRCYyNaQi5YYgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0biEJO1v-nSsA56J7eWJBJTU5N_g%2526client%253Dca-pub-5124296369254848%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.252.217 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 02:46:37 GMT
last-modified: Sat, 14 Jan 2023 02:46:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 14 Jan 2023 02:47:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=4022692958424754&bg=!2tml2Z3NAAYDMoyoIzI7ACkAdvg8WhoQt5YmJmthZp7cceLX18tU5R4198UGByRMD-ARsmhMyf8TdQIAAACUUgAAAARoAQeZAqlcHU5TStLsY8JagX28neFtsjWThlZ_j7rFoUQtDlqcz2btNKaR40Q1lM-8DT8p0mnVEIlCDldL_OUOn3dpigFL8nlBYrhzQTlAj0YiYCUSSvq4Vq7CsZiC8V-Asqa9yhTU-zwqK-ljFUXry-hPtrA4pr8pQTYuVWnEPApE-NUlZ0eRQ9GgIf8ReHcHbqsgYvnbfjKD8ep1JAXL57-x_o27BrT3Ef6eTWh4jrt_fGbMEQpx2sdIMUb0uSGqlzz7OedyAIuBO0e4_K97Mc_AqfLnVz97l6uoyTTIewzxLzjBQYav1ZD3RWK1h88sWOuzBSmnDeZ2K711Vx_mRSkSA37hHVCCRN6nqYRsUDHhuua-GqrvikyuLEGz2qbEEF0HMACTWLIDoflLjwnenp65v4tYB4E3tVPij-34NRAwUZPUL6tVy1ddnbd_YEWH7nbce7qzBAtVC-aQAxLdcbEnVXjMlOJrzYQ33OgKhFSB7et7OK5S0vQ5D9w_2F6hPFqTadWIdLyGbl19eBx4-0zyxMaAljFrsXYWjUed19YGruthPY1jrD1IdVIfh-lVuqd0GESvJaCZpcQ54yXMQuxOli7YG44o1EjqAjX5FsAFc6-U8S5-2_0Re53CrfKwgCyeyQCQe29fM6fj2iOUCua7pRV-KwNB0jasQM6KtllxOSHOoWlBzMSZjp89rXFLnx6o4ZAkMJSJsUBC2qAZzWATtp3L52rHSJtBZyBaeMfxgaijmP-f4geUpSY_mlRCafY1n8cWdu5AbQeKwTiYKcWDA0pyrAIQcSKG4UaU6uvpsMXCDRV6KqK-a-y67i7_buhRXGArZ5F1KHTjsBAFHpOZd1W1kV5UP6YPyZjbIFG8PPric-hu8xv4wMAY7h66Rx7Lmre8cflIoJeTlFs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newyearonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B4D4 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6-Dm1j9oKmfeGxVRNRHB4n15wVifrHt5QXGHJOuFFrFfEYXO8rGvbsodO7RSC-Mt70xfat2f8yA_lQbe1-PdHEUq8r1FkkbDGA4SjJtRpKqizpYdo1sfbHTgAg9uBsYdWfF4-vQ&sai=AMfl-YQG2UWfUFFl4mV4FHwPbHFUans9bXqv0jNo6P8ct3sp2p_cadRnQ4-HK4K1h_GgTbDNvvEUHoAsJQyJ1Es&sig=Cg0ArKJSzJGu5gZ32RVaEAE&cid=CAQSGwDq26N91Uu8UDNcDBBk-eYI7i5IOjbyHnY4ChgBIBM&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=112,799,1002,1016,1016&tos=112,687,203,14,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673664396208&rpt=373&met=mue&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:46:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C708 16 B
232 B 62ms
62ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Jan 2023 02:46:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C708 16 B
232 B 67ms
66ms Fetch
application/json 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-46-115.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Jan 2023 02:46:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 222ms
21ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 14 Jan 2023 02:46:38 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 217ms
21ms Preflight 35.179.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.46.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-46-115.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 14 Jan 2023 02:46:38 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
newyearonline.com/	1970-01-20 17:50:05	Name: PHPSESSID Value: b69cm4nbddjoc3j7or7ijn7se2
.newyearonline.com/	1970-01-20 18:30:24	Name: _ga_EH6HBTCHGL Value: GS1.1.1673664394.1.0.1673664394.0.0.0
.newyearonline.com/	1970-01-20 18:30:24	Name: _ga Value: GA1.1.1353498027.1673664395
.newyearonline.com/	1970-01-20 18:16:00	Name: __gads Value: ID=2186a265083f2f5d-22619e1c45db00b2:T=1673664395:RT=1673664395:S=ALNI_MYuhIpsk5tAhIPIUpCmQXcbxj5SQQ
.newyearonline.com/	1970-01-20 18:16:00	Name: __gpi Value: UID=00000ba22c4b0f03:T=1673664395:RT=1673664395:S=ALNI_MZ-tXGU73pVCFmoCYTd0SVOT3vlbw
.doubleclick.net/	1970-01-20 18:16:00	Name: IDE Value: AHWqTUlU9n0zxaLDV5bxdl1KiV0_u8ZBqmsCfP-jSpoyn5ww4van5F_E9zy7qY3jpeg
.doubleclick.net/	1970-01-20 08:54:25	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 08:54:27	Name: DSID Value: NO_DATA
.analytics.yahoo.com/	1970-01-20 17:40:00	Name: IDSYNC Value: 18yx~29eq
.yahoo.com/	1970-01-20 17:40:21	Name: A3 Value: d=AQABBIwXwmMCEGYYlLEsUYuXo4E7lbjI_PMFEgEBAQFpw2PLYwAAAAAA_eMAAA&S=AQAAAjeQnrwMo5lHBozRO7g9XJ8
.agkn.com/	1970-01-20 17:40:00	Name: ab Value: 0001%3AoBvQCw8k65qw6MT7bRT9tVaPjyolGMTn
.agkn.com/	1970-01-20 17:40:00	Name: u Value: C\|0CEArVNQMK1TUDAAAAAAAAQ13AQCAAQpAAAAAAA
.travelaudience.com/	1970-01-20 18:24:38	Name: _tracker Value: %7B%22UUID%22%3A%22ECB8FF02-C4AB-4BC1-9500-8DB0A9387CB7%22%7D
.bidswitch.net/	1970-01-20 17:40:00	Name: tuuid Value: 84d462fe-b998-4e07-9796-f7b2d1408bb0
.bidswitch.net/	1970-01-20 17:40:00	Name: c Value: 1673664396
.bidswitch.net/	1970-01-20 17:40:00	Name: tuuid_lu Value: 1673664396
.bidswitch.net/	1970-01-20 08:54:24	Name: google_push Value: AavPq0PAfO68UaWyOO5qw7Xc2jfk1RFf7uPEyAcznCtYjUDaXkR0Yb_MCFkObab7nnnHRcMrDUCdqh79Psmhdilqp-ouDAT3fmPLFQ
.awin1.com/	1970-01-20 08:58:43	Name: awpv11354 Value: 412871\|1673664397\|aa38db90-93b5-11ed-a520-22653408fd8a
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377133:2470172
www.conrad.de/	1970-01-20 09:01:36	Name: HTLP_timestamp Value: 1673664397
www.conrad.de/	1970-01-20 09:01:36	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 08:54:26	Name: __cf_bm Value: 75QJLWCx_MX5CjubRnYJ2dBWKWhdHk.vbefkEog3enM-1673664397-0-AaZBaC0lZ6MRIq0mWleQ8jTEZ0vW1N89Au7mF0K/npV7Ml8P3T9JE2FirFblj/Swb39Kkvc2taw3UonZDGQe1uc=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-5124296369254848&fa=1&ifi=6&uci=a!6&btvi=3&xpc=HyS31y8kXg&p=https%3A//newyearonline.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.track.production.webgains.team
cm.g.doubleclick.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
newyearonline.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
region1.google-analytics.com
static-de.ad4mat.net
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.conrad.de
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.87.133.65
13.41.252.217
142.251.208.162
144.91.91.188
18.156.0.31
18.197.12.31
2001:4860:4802:34::36
23.203.125.36
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6812:7e05
2a00:1450:400d:804::2001
2a00:1450:400d:805::2002
2a00:1450:400d:806::2003
2a00:1450:400d:806::2004
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::2008
2a00:1450:400d:80e::2002
2a05:d018:d29:3605:9af0:2701:a426:d747
35.179.46.115
35.190.0.66
52.58.161.171
65.9.66.11
98.98.134.243
99.86.4.94
01b2dd3ce330716dfd1b6c0c4b4ecdd03b91ad6bd2e72ab884d11b40fbc4a188
0392472de79757a981cee4c4e7e9308c6b84684d5e12c17632efae40ce8c0397
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d2933fb366213f9e5598e4fdb0a9e6f56791c8d831f6d5bcb4e4225fb723561
0f5801eb87c63838c03afb8d6b6d66c4f17d6393aa69af9443333f5a30e4c916
1423874154d166413313fdc4f1f751b52502bdcb9f6b1683784284f4f900a78d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
2aa741aea1b399d4545d09a3a7b04219c625f2a47f18cac49c602b80d26ed3f2
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3c1180ae8f0e8638da1470327c6bb6caf08950d974e1c34b901658777eeb7f4e
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
41dfc544d0e70a97371acea8f76c9d7fa8eb4959058d6c52268649b5a8a65855
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dfa86f94ee4e501095a852210d457e392cc722abd3c20294ba1eac2885bcda2
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
50c70c4f847870679537a5bece9980d36c1680f95c2c0bbb99c4e1c2ce6edab2
52392d39bfd9db0d609138ef34f8c7ffbe2b0e1ea60e1f9e04e5f9659b645e73
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1ebd76dd85c2246c3a91c84355c356fa8eaf32b6e8b5653b3db9e1aa565701
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633ba6ee8e1070849e92229fe6eb4df88edaf431230d8b13a31f0d2115775037
64f2f88cfd316d86e9a9a3da800d9e9b160b62c1351d32cc0d5dcb46bc39dd9e
653d5d8d92af158103ec840c38deff5b257d193fad691c816afc2b67c3e3fdfa
6e1addc6bee8895f25ea48a5d39ba47f4d452d07348da2eb0688ec5f06a8aec0
6f4320d8a38958b52b1b2a9889dba5b20b37846aa226eeed678bc4d8579a8717
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
705501d23f1153abd238587939c61c8a4040246d47873277253c2c7f3605e326
769a05f3c6d112a5b43fae43f0cf3a2b53902632add881d3c068891e159f99e2
858ea9ca402c560e6bcd7baf5139addf2511d60be3a30e8f379d16063767fbb9
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa
89dabbce3eae10a16557c7e06bec014e492af73b208adbde898349c3d013c1eb
92a2c146fa7f304dde7d4bd151a8cb92e62ba9504b22cdd80371116b509457f5
98318f0abe3d463518bae7374ba21a94ea91d1a6b5d3367d5daee5ff5e639ffd
9a4cd329a5814670f907f0d2530222b58adb10fb722bf4c1c382e5eaa6633ce9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1
a3e81c83783f9c8feab339eb3e5e564a0d2783c9df0d80e78f0ce4860d97423e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa9c29b5d6f92f27e7948dfbf3eb4c1e6440476a3846dcd246502ffc06aba5d9
b58d5e8e476a6e7c0ac4c571adac23fc9f9a3a8b2a1d1b983a3da05638107382
b5ec4de2d6a9cecad8e1a02db252f259fb6e564dc18f6f6221a163b90e86c2f9
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3e17a17900c8e61edb9589779a27e58af16fc876633811d3a78a9319578d155
c437ba5166746ed2bf220a7a580cd5bc9c8bdfbf896b0fc3ea3b23c3f192e6d3
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c58455f44246313ade0953fca2946d5ebb2e23d70d654477a13493c8db67853c
c6b2293735983abda130acb23af3f87dba35c098c579d07a61e6c492a9b72888
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cf21eea17015b59c5236fa11b548a38dba6edb19c6c6827ecc06824b28d0d14a
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d5a732dc3fa0ccff1e578db0948389414c7d69d1b1bcd320069ab0a19e00e69d
d5ea7d8915e1ed757926e459b67e3b0ee749ba9ccd2cebe9967e5f7441f82a42
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d792cd9fe9defeef80af2f84af745f52a8526a27cad7b2dee625da6a101e498f
d9ea1b70fe84348e44dc056216440f70e2aebbb08441d691ef732a8717f4af5b
da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
ddc1bc778beeb7c63835cb4e310c1be091d1add0cbb846563d49e727a8f17418
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0fc1d6d76c4dc07d9b328ab29b2edd6c01fefc75c6fdcd16862f33af90eb651
e27a96534acb5a5e6c433277c8e372d3639ce3d2341f416f9e9386e7cf9244dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e64b0a19dc92b8c40d9e98bb78ad4ac4dffd31c97be6d84594398f6b9dc8f01d
eaf6ce592db42405fb7bcb7fa4bc5e1d5c07ac9bf2ab91c910667af393ff5560
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
eccf6cfccaecab007c60e2f204c52ea9731b408a114cc4b4d2c32f5f42ce2823
ed4405868f9d9bfeaa2379eb2221385d4650cb7182919263d3d2c6e53faa201f
ee4faaed51a230b371a20f4dbe1551889b4eb9636f0a72e03332f4af24834be7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa11dcf4bb4bdf092fed6957fa0df567592f815e7aa638f45c9d63033f544c0
efaee115f8c9c7c11e2e17bd4d580db1136571500686a8f68cdba7a5117576a6
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f263ab67855814c593f1397b3e77e0d8aff0fef10bfab3dcfdc8bcaec585d33e
f27e386cd47d5a3a9577f0e0d034b72a49d7da8bd33f0a92c68cf168f06900f5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7960cca05787df7987c44a850f3f86268a0defaadb92f80f360771092092f24
f836c83d891f490adfb8e30f2bb240538b36b837d92af0ad2a4a7d040353a09a
f93e3de20ce792ec126cba2c1a9e7b17c8a5021f25cd384cb1459e8dcb12b7c8

newyearonline.com Open in urlscan Pro 144.91.91.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

95 %HTTPS

57 %IPv6

24 Domains

33 Subdomains

25 IPs

5 Countries

3163 kBTransfer

5054 kBSize

22 Cookies

4 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newyearonline.com Open in urlscan Pro
144.91.91.188 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

95 %
HTTPS

57 %
IPv6

24
Domains

33
Subdomains

25
IPs

5
Countries

3163 kB
Transfer

5054 kB
Size

22
Cookies

139 HTTP transactions
3 data transactions