ktar.com Open in urlscan Pro
104.198.205.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ktar.com/
Effective URL:
https://ktar.com/
Submission: On October 24 via api (October 24th 2021, 2:01:27 am UTC) from QA — Scanned from DE

Summary HTTP 428 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 56 IPs in 7 countries across 51 domains to perform 428 HTTP transactions. The main IP is 104.198.205.129, located in United States and belongs to GOOGLE, US. The main domain is ktar.com.
TLS certificate: Issued by R3 on October 6th 2021. Valid for: 3 months.

This is the only time ktar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 73	104.198.205.129 104.198.205.129	15169 (GOOGLE) (GOOGLE)
2	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
6	104.18.6.120 104.18.6.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.197.229.45 54.197.229.45	14618 (AMAZON-AES) (AMAZON-AES)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
3	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
9	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
3 14	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
5	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
4	54.146.124.230 54.146.124.230	14618 (AMAZON-AES) (AMAZON-AES)
21	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
12 19	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
1	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
2	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1 2	74.125.140.157 74.125.140.157	15169 (GOOGLE) (GOOGLE)
2	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
9	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
2	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
7	34.95.89.54 34.95.89.54	15169 (GOOGLE) (GOOGLE)
83	104.26.11.209 104.26.11.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
12	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 5	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
23	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	3.8.79.110 3.8.79.110	16509 (AMAZON-02) (AMAZON-02)
7	104.26.7.27 104.26.7.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.26.10.209 104.26.10.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 9	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
10	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
3	35.187.117.15 35.187.117.15	15169 (GOOGLE) (GOOGLE)
6 6	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
3 3	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
2	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
5	143.204.98.117 143.204.98.117	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	213.133.107.215 213.133.107.215	24940 (HETZNER-AS) (HETZNER-AS)
1 2	195.201.218.101 195.201.218.101	24940 (HETZNER-AS) (HETZNER-AS)
10	54.75.239.54 54.75.239.54	16509 (AMAZON-02) (AMAZON-02)
4	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1 1	34.243.196.142 34.243.196.142	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
428	56

73 104.198.205.129 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 129.205.198.104.bc.googleusercontent.com

ktar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
arizonasports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.18.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.6.120 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.197.229.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-229-45.compute-1.amazonaws.com

embed.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

arizonasports.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.100 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.146.124.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-124-230.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.134 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

10288467.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10620649.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9445712.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10625865.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9919737.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.11 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.140.157 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wq-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f106.1e100.net

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.95.89.54 (United States)

ASN15169 (GOOGLE, US)
PTR: 54.89.95.34.bc.googleusercontent.com

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

83 104.26.11.209 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.228.74.133 (United Kingdom) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.8.79.110 (London, United Kingdom) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-79-110.eu-west-2.compute.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.26.7.27 (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.26.10.209 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.239.217 (Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.187.117.15 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 15.117.187.35.bc.googleusercontent.com

neso.r.niwepa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 6 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.85.162 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Ingelheim am Rhein, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.113.101.132 (Ingelheim am Rhein, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-117.fra50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.133.107.215 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dedi1115.your-server.de

campaign.mobility-ads.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.218.101 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.101.218.201.195.clients.your-server.de

www.autohaus-koenig.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.75.239.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.196.142 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-196-142.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.200.20 (Poland) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	2 MB
67	ktar.com 1 redirects ktar.com	3 MB
66	doubleclick.net 14 redirects securepubads.g.doubleclick.net 10288467.fls.doubleclick.net 10620649.fls.doubleclick.net 9445712.fls.doubleclick.net 10625865.fls.doubleclick.net 9919737.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	228 KB
46	googlesyndication.com dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	205 KB
24	google.com 3 redirects www.google.com cse.google.com adservice.google.com clients1.google.com	365 KB
15	webgains.io analytics.webgains.io api.webgains.io	256 KB
14	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	29 KB
10	webgains.com track.webgains.com	257 KB
9	awin1.com 3 redirects www.awin1.com	6 KB
9	googletagservices.com www.googletagservices.com	319 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	190 KB
8	googleapis.com fonts.googleapis.com ajax.googleapis.com firebase.googleapis.com firebaseinstallations.googleapis.com	339 KB
6	google.de 1 redirects adservice.google.de www.google.de	2 KB
6	arizonasports.com arizonasports.com	421 KB
6	cookiepro.com cookie-cdn.cookiepro.com	104 KB
5	quantserve.com 3 redirects cms.quantserve.com	2 KB
5	googletagmanager.com www.googletagmanager.com	215 KB
4	2mdn.net s0.2mdn.net	175 KB
4	o2online.de 2 redirects partner.o2online.de portal.o2online.de	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
4	postrelease.com jadserve.postrelease.com	2 KB
3	openx.net 3 redirects rtb.openx.net	995 B
3	lead-alliance.net 3 redirects www.lead-alliance.net	2 KB
3	telefonica-partner.de 3 redirects www.telefonica-partner.de	784 B
3	niwepa.com neso.r.niwepa.com	1 KB
3	congstar.de banner.congstar.de	2 KB
3	innovid.com 2 redirects ag.innovid.com	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com	1 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	secondstreetapp.com embed.secondstreetapp.com api.secondstreetapp.com media.secondstreetapp.com	65 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	549 B
2	casalemedia.com dsum-sec.casalemedia.com	630 B
2	autohaus-koenig.de 1 redirects www.autohaus-koenig.de	531 B
2	blau.de 1 redirects partner.blau.de portal.blau.de	2 KB
2	googleadservices.com www.googleadservices.com	19 KB
2	facebook.com www.facebook.com	443 B
2	facebook.net connect.facebook.net	113 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com	49 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	mookie1.com odr.mookie1.com	608 B
1	everesttech.net 1 redirects pixel.everesttech.net	378 B
1	mobility-ads.de 1 redirects campaign.mobility-ads.de	467 B
1	nr-data.net bam-cell.nr-data.net	715 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	463 B
1	adnxs.com secure.adnxs.com	578 B
1	disqus.com arizonasports.disqus.com	2 KB
1	ntv.io s.ntv.io	113 KB
0	twitter.com Failed urls.api.twitter.com Failed
428	51

	Domain	Requested by
67	ktar.com	1 redirects ktar.com
41	assets.ad4m.at	as.ad4m.at
28	ad4m.at	as.ad4m.at ad4m.at
28	as.ad4m.at	dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com as.ad4m.at ad4m.at
25	tpc.googlesyndication.com	dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
23	cm.g.doubleclick.net	dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com ktar.com
21	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ktar.com dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
14	www.google.com	3 redirects www.google.com ktar.com dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	api.webgains.io	analytics.webgains.io
10	track.webgains.com	as.ad4m.at
9	www.awin1.com	3 redirects as.ad4m.at
9	dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	www.googletagservices.com	ktar.com dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
7	static-de.ad4mat.net	as.ad4m.at
7	prod-rtb.ad4mat.net	ktar.com
7	adservice.google.com	10288467.fls.doubleclick.net 10625865.fls.doubleclick.net 9445712.fls.doubleclick.net 10620649.fls.doubleclick.net 9919737.fls.doubleclick.net securepubads.g.doubleclick.net
6	ad.doubleclick.net	6 redirects
6	arizonasports.com	ktar.com
6	cookie-cdn.cookiepro.com	ktar.com cookie-cdn.cookiepro.com
5	analytics.webgains.io	track.webgains.com
5	cms.quantserve.com	3 redirects dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagmanager.com	ktar.com www.googletagmanager.com www.autohaus-koenig.de
4	s0.2mdn.net	dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com s0.2mdn.net
4	image6.pubmatic.com	4 redirects
4	adservice.google.de	1 redirects adservice.google.com
4	c.amazon-adsystem.com	ktar.com c.amazon-adsystem.com
4	9919737.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	jadserve.postrelease.com	s.ntv.io ktar.com
3	rtb.openx.net	3 redirects
3	www.lead-alliance.net	3 redirects
3	www.telefonica-partner.de	3 redirects
3	neso.r.niwepa.com	as.ad4m.at
3	banner.congstar.de	as.ad4m.at
3	ag.innovid.com	2 redirects dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
3	id.rlcdn.com	2 redirects dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com
3	9445712.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.gstatic.com	ktar.com
2	e.dlx.addthis.com	2 redirects
2	googlecm.hit.gemius.pl	2 redirects
2	dsum-sec.casalemedia.com	dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
2	www.autohaus-koenig.de	1 redirects as.ad4m.at
2	portal.o2online.de	as.ad4m.at
2	partner.o2online.de	2 redirects
2	www.googleadservices.com	9445712.fls.doubleclick.net www.googleadservices.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	www.google.de	ktar.com 9445712.fls.doubleclick.net
2	firebase.googleapis.com	www.gstatic.com
2	stats.g.doubleclick.net	1 redirects ktar.com
2	www.facebook.com	ktar.com
2	connect.facebook.net	ktar.com connect.facebook.net
2	10625865.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10620649.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10288467.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cse.google.com	ktar.com www.google.com
2	ajax.googleapis.com	ktar.com
2	netdna.bootstrapcdn.com	ktar.com netdna.bootstrapcdn.com
2	fonts.googleapis.com	ktar.com embed.secondstreetapp.com
2	cdnjs.cloudflare.com	ktar.com cdnjs.cloudflare.com
1	odr.mookie1.com	dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
1	pixel.everesttech.net	1 redirects
1	campaign.mobility-ads.de	1 redirects
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	ktar.com
1	portal.blau.de	as.ad4m.at
1	partner.blau.de	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	media.secondstreetapp.com	ktar.com
1	clients1.google.com	ktar.com
1	api.secondstreetapp.com	embed.secondstreetapp.com
1	secure.adnxs.com	ktar.com
1	arizonasports.disqus.com	ktar.com
1	embed.secondstreetapp.com	ktar.com
1	s.ntv.io	ktar.com
0	urls.api.twitter.com Failed	ajax.googleapis.com
428	78

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
arizonasports.com
bonneville.com
howardair.com
www.valleychevy.com
www.buyatoyota.com
www.parkerandsons.com
www.justserve.org
facebook.com
publicfiles.fcc.gov
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
ktar.com R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.secondstreetapp.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-07-23`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
arizonasports.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-02` - `2021-10-31`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.r.niwepa.com AlphaSSL CA - SHA256 - G2	`2021-03-15` - `2022-04-16`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
autohaus-koenig.de R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh

This page contains 58 frames:

Primary Page: https://ktar.com/
Frame ID: 7CFDEF541FCD029CF9BDF24F5234FAD9
Requests: 147 HTTP requests in this frame

Frame: https://10288467.fls.doubleclick.net/activityi;dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: EA1522974ECE866538264A65D4097F6A
Requests: 1 HTTP requests in this frame

Frame: https://10620649.fls.doubleclick.net/activityi;dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: B25871C6FD10EC600FC9002910096CB8
Requests: 1 HTTP requests in this frame

Frame: https://9445712.fls.doubleclick.net/activityi;dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: D341A3EFFAA08CCE95B36400BF78F177
Requests: 1 HTTP requests in this frame

Frame: https://10625865.fls.doubleclick.net/activityi;dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: DAE1E02CD1D7DC0922B3EA45B7E6CE88
Requests: 1 HTTP requests in this frame

Frame: https://9919737.fls.doubleclick.net/activityi;dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: DEBC688CBD29BA79DFF8BA977C74AB7C
Requests: 2 HTTP requests in this frame

Frame: https://9919737.fls.doubleclick.net/activityi;dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: BDE80D7538A46FE174ACB5691227A250
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: E1A386F81F197D90066CD99144781AE2
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: A2E042E4E88B526BB327CDFE1F59C28A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 7F500B9EAA286AFFD155AB5DAF786305
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: BE8D475D98890FA9DD3AD3CA866FB622
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 16F58CCC23922D0E94E418BAEF802397
Requests: 1 HTTP requests in this frame

Frame: https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: E8ED50EFF7C8618EEAABD0CD0BC48C16
Requests: 4 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 82A03ECE5745D4A55EFFA1218951DEE4
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
Frame ID: 6BC87D6E60BD57C57B758D4A38BEFB15
Requests: 1 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4DF562507E82F0215364F190EB738436
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: EC7B6F080644B2FEE59E9F8DA20136D9
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EC49AE5ED69163DA4C74147271AEEBA4
Requests: 1 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DB222BD7A37C3F8759B8D5A4A55FF11F
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k5s33ga4nv9706jhhzwmsyz4ya212dv4zhcayvpnvg9h07481qbjvryg703z8vpbgrk1hta6qa5e28zhcakh2esf9y9jdv2rq9dyfr912nnw59ypw7t3f45ba3zcw010qtbh7srf42nb8spxnrr2yeth8ykv29m0hp7h6fdmdkhf8qnb8pgyd612cmgm49tj1zc96yrndd0pqqnpc31p2azw5zgqrnhzz3k9yt83qrqy1svkq1nwjca9d9ajbkthgjhzf63pk3mjnwcvd1876ktemc9p1m1akhn4q95y97my1kdvdmtqdrftmhajscajwwsmse3gpefhana84e867ytf8bcq1651zwj82p99rzhp0hr39azkggf8esp78z4wznzh6z71fxe6yzygt4q5wvqwcwcrr6yhc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: 611E1AE2DBE71EAECB4560064712E4F0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7D9BCBEBD63F958EEA90660468CC3B17
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 86D8EB776BF22BA680A5BBAA9044B71D
Requests: 1 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6A37DDE791ADF957333E03306D017358
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k9ew4hb2acc95sq371ff5r479g5ezhs6n7dq3seam2v4acxybqc11192wy05gz5sf62cw5yggg1py52v9gxvnvje3pe9swtt639gdrwffbxxejkryvyag1wp2rk8s7k2fmztq8axs9r994a9kx0xeee30srnkb4dpr6q7559b82dmqqgsmmm2ew48a7m6qv2s5r1mvb5h7q8cz3vtnxymhdjnwn9vtr2w1kcnxfy1rjde2etrep00mq5wqe74tabnhs0jt9rx9dw5skk4rr9whm8kmhsgth9t7z5v6maw3b0jb58433agc2jav9xacv28kendkvy8nxg50a0szkk92bxq56sg5v0zsf91qg03f1vbj8pfbhstrtpfe0fvm7rxn2a9j172jwxvdjpr6j2nmz5zabeywwew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: 40C3D6B912C2BFBC775D5FAFD5B7630B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 61EB25A59A2AAD374B3A8986E7C61738
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: F534DBFC972E6857F090F37B0E2543D7
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 26E8BFFE8B9450CA2E87A8D23AAF210A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: 2CDAACA57A56B123DC9080D7930CE995
Requests: 11 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 122FF3FE352FC49363FB208F9EE4E836
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hjk8215hybhges167q873p2avk10aph8geetdkgwz7texms77tpz5x8ar41s7mrd13s3c1t9ty38b30a81rm29wejkt36mer5xrdwyam0n666sk69y08xwnrgvgj72mvb71md1zt3hme4ptpd77j2n6s2cq6wxgymtsy925fhyq46k67vjd12mhbnkj2bt4nhpehy4zrwpwgy8p686rxmm7bzj63nq1861hv7aptwqhz7eebfn99fb28cqpqemnn3t240fn9jbvgrd3hkk1p19nj2frarwhzfsn88yxzfdv94fznwzhnrxaj510s73vfmv668tk22hpjpf9vg3zc1pxxv54cz6qjgag4ker31bkthskaz2a540j9cp5r9w18svfkd66b4zgvchrw6qgjapzjew28gjw6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: F517844D39812ED9EE4A435350EC1FC3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3803082A53BD7E2D2B6E89ED5E57DBC2
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6A70913398B5DFF1B17CB0AF2F416D05
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: 534B3C87950EA3AC36B7D663B1033A30
Requests: 9 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE2C0FFB6D03C4923DA3848AD31A18BE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6CBBBB425DC2A2B0008C2398A4CCCFA8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A84B02561824BFC9AAA7A16568936DE
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h4nmd9waaw70vtcshct2p13153mdaecxfdr258f3jd6ra39kjrhhyg6r9ce12d3429pk8hvc8qbfspebasknswpw2cs3h9ywwk0wk6e1by0whht7hwvq16s17w1xads2f7g8cf9erwp5m3xpdj2bmy9sfygv0wgez5w115cf8csbtpnzt05qeyy0nhm5fe8mbmfzw7bdkjv8qy1vahx13292xchw0zsfwmp5k971a0hc6f7ey3z82y2jh9akna7hwzbm2arjycxmeyaxjt4b617rfe17534nt20xgc6yqs211ez9p2tq5apaasfp4zmhb1jjc67bq3m1bkp586ext9n7qr2h23eec1vw2whjbh2hnbzahexejjfjpqbz3kq5211sb92hww6abx4y6r0wsvzmfsq8e8wb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: 46F942CA0E86B18E732E82A0DA0F7301
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CAD6568C719B54CC61C2F0F8DB97CAD3
Requests: 3 HTTP requests in this frame

Frame: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=382201418
Frame ID: 44A19A7A584BA7A32ABD7EFBBBC8CFD4
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D84CE2D9FEDA3B5C6D0BFE16005DCC69
Requests: 1 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25E28844227E90EE3F3AF7BE1B9CD818
Requests: 9 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27E93971132FD3BA610004CD2C118AA3
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: 3BEBE093FC00EE32F9716D6964C9B55E
Requests: 14 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E6B5642D093F96BC1053E1B522FB2D08
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g1qvb7ppjvj763fy9nqpth0m9y143ae1e086qt8cny8128v0cypzq6pefbh5cvmad68p16cczcynzja2yq8p1hynd4bsjjexxyzee186cfae34fn1hdj7r91n15pmkn97bbxzh4f4xtbxwwp7xey136b6dywgbkw3cdmbyraj1c07etvk7z1vesgh5re2g140cw8scdz26fcn3yxw78ezwysj51s0v1zsv33j23yk93ces3e9hqr99bb36e96mx8wppyysxa8nngcv0cmgsp167pp283wpf08w78rf1qtgsrzr01mav1twv1vzwdp6p0ny6f7sjr7k2t22b5zc8pe5aneeze66rc1mg41nrmjbnwvb7r72s7ad43hfm3qyrvjyvav6yxt88he91947bjvt40g2yc0jhz0jwx11wmq2xk64f28sdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: 3E74C81027FAFB1D3EE24999771CF180
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 58F26435277BFA78747358EDAFD0A633
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gg0m0kb2maqvzwv1fyxba2tfq8w2y5en50vw06dhatj54hk3ekxrpc7p6ma9dx7d0530dfvsdjqcrvhtrssjftabwyhf8m7c0jghq37a7wnpq58jtcacp1h2b82bmmtfzdfy8m6c565kh88n2f04asjd604w9bftanjpga1sn1ja80nvy07c9k0ke3fmdctp08dcyzeaj95r86k6f99hehsxm0dza1sqsd65sbfg6djfgwr2ysh1avhyz1q0p1ssf3hs6wchrcjseqa5fw3fh6wff1gjs2cxq692kmj8w6x1vavr7pa8weqw0n5x7aqnfjmcdhpsnmy3a41wrvyhpmkbxmq3znggv2kb3qe2h9ba007ccy8zdgc2ck44jzpt74pjw588mjw6tx1c4tzw92axvqpdgbk6qqwzttd38vgra2x4g6fm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: B74D5ED4BC3590ACF83B8892D9C21D0A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1715D40BBBB85161BB75018A47839A4D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/124751/4968253339/1632928725046/index.html
Frame ID: 2072FA28D94B7D41B7C41CFB061B555A
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 69F2D55CDEBC4DC3660CCB8B57949EC3
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 07EFE69C22E6B1C5E1C9552D75657131
Requests: 1 HTTP requests in this frame

Frame: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E321DA2D42B491F975996A7BC857FEC3
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: 2B84B7C0BC6DA5D89F5514FA0625AD3D
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: 6AD74942D61F6CEBC799FF2CAB2696EB
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jdn255ya7e6g9zra2ej99bw1qey2vfb374q7j6n37w5mmmbs9jxejzdeg0whnnpfqg2we64j7k4np4tcwj97n0c40zxrzc1rphcnjk2njsfnsvjfgxzc26ab4g78xrermzgx6a4j55pbwvygbb4srwcte8b54fmwvhf1a1w7a4xb1wrwtjqnsmyz7r39pzqcv56zwqsxpw4sqca7z1c20cgnq3sgv6dbpb84aaja7agkxw8yb0v1bmshfd74jwae2a0n771qxhrt0f6jgcdt18fsa331a4w3j7ctyswac77tkamkpp59sz39x1pgc6rqfzvtcrx90ackbxaavpskbj7awa0w9tzggjqqqxpdta9xs7fbza1m12ntangmtb8s3kvtg3q09em52yx15m8a6zb28dpqr89avhwwvxv8sc7ga4jm3qhg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%26client%3Dca-pub-5965569640055032%26adurl%3D
Frame ID: 8AE3AA35412F0399433DE60F7B60DC01
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 483271ABB391031B352E426E0725DFCB
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3F8C0161CE76B2649A71064AAD2806F0
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Frame ID: 1E8FA36ADCDACAD8D54720D55438F6CE
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - KTAR.comsearchBack ButtonSearch IconFilter IconArrow

Page URL History Show full URLs

http://ktar.com/ HTTP 301
https://ktar.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

428
Requests

99 %
HTTPS

0 %
IPv6

51
Domains

78
Subdomains

56
IPs

7
Countries

8568 kB
Transfer

12946 kB
Size

62
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/KTARNews

Search URL Search Domain Scan URL

URL: https://twitter.com/KTAR923

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ktarnews/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/
Title: Arizona Sports

Search URL Search Domain Scan URL

URL: https://bonneville.com/everyday-strong/
Title: EveryDay Strong

Search URL Search Domain Scan URL

URL: http://howardair.com/

Search URL Search Domain Scan URL

URL: https://www.valleychevy.com/

Search URL Search Domain Scan URL

URL: https://www.buyatoyota.com/phoenix/offers/?utm_medium=display&utm_source=KTAR&utm_campaign=NSE_August

Search URL Search Domain Scan URL

URL: http://www.parkerandsons.com/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2863662/suns-g-cameron-payne-out-saturday-against-trail-blazers/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2863499/ari-azs-chandler-jones-out-sunday-cardinals-elevate-4-players-to-active-roster/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2860480/espns-barnwell-proposes-cardinals-trade-for-jabrill-peppers-at-deadline/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2863181/az-asus-eric-gentry-makes-the-athletics-midseason-freshman-all-america-team/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2863169/lakers-dwight-howard-anthony-davis-play-down-sideline-incident/

Search URL Search Domain Scan URL

URL: https://arizonasports.com/story/2861774/davis-mills-houston-texans-limp-into-week-7-matchup-vs-cardinals/

Search URL Search Domain Scan URL

URL: https://www.justserve.org/ktar

Search URL Search Domain Scan URL

URL: http://facebook.com/KTARNews
Title: Follow on Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/KTAR923
Title: Follow on Twitter

Search URL Search Domain Scan URL

URL: https://bonneville.com/careers
Title: Employment

Search URL Search Domain Scan URL

URL: https://bonneville.com/datarequest/
Title: Do Not Sell My Data

Search URL Search Domain Scan URL

URL: https://bonneville.com/copyright-clearance/
Title: Licensing

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/ktar-fm
Title: KTAR-FM

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ktar.com/ HTTP 301
https://ktar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw HTTP 301
https://cse.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Request Chain 97

https://10288467.fls.doubleclick.net/activityi;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://10288467.fls.doubleclick.net/activityi;dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 98

https://10620649.fls.doubleclick.net/activityi;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://10620649.fls.doubleclick.net/activityi;dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 99

https://9445712.fls.doubleclick.net/activityi;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://9445712.fls.doubleclick.net/activityi;dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 100

https://10625865.fls.doubleclick.net/activityi;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://10625865.fls.doubleclick.net/activityi;dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 111

https://9919737.fls.doubleclick.net/activityi;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://9919737.fls.doubleclick.net/activityi;dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 112

https://9919737.fls.doubleclick.net/activityi;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://9919737.fls.doubleclick.net/activityi;dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 135

https://adservice.google.de/ddm/fls/i/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F HTTP 302
https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Request Chain 138

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1229051537&utmhn=ktar.com&utme=8(Static%20Page%22)9(News)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20-%20KTAR.com&utmhid=939105914&utmr=-&utmp=%2F&utmpg=2:digital&utmht=1635040879157&utmac=UA-333933-4&utmcc=__utma%3D248041309.1848816137.1635040879.1635040879.1635040879.1%3B%2B__utmz%3D248041309.1635040879.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=996140440&utmredir=3&utmu=qRAAAAAAAAAAAAAAAAABABAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1848816137.1635040879&jid=996140440&_v=5.7.2dc&z=1229051537 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1848816137.1635040879&jid=996140440&_v=5.7.2dc&z=1229051537&slf_rd=1&random=3940536539

Request Chain 167

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735523585/?random=1146227640&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOvrm_b54fMCFb3TEQgdcEcNBg%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D5414654491970%3Bgtm%3D2wgak0%3Bauiddc%3D1889839354.1635040879%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=b750YeTfIcTQ7gPLtpo4&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/735523585/?random=1146227640&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOvrm_b54fMCFb3TEQgdcEcNBg%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D5414654491970%3Bgtm%3D2wgak0%3Bauiddc%3D1889839354.1635040879%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b750YeTfIcTQ7gPLtpo4&cid=CAQSKQCNIrLMujEiRi0oAjhTcRCEzRHO-uVTv236RJpnzE9PXBbtqrWJ_7li&random=252033268&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/735523585/?random=1146227640&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOvrm_b54fMCFb3TEQgdcEcNBg%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D5414654491970%3Bgtm%3D2wgak0%3Bauiddc%3D1889839354.1635040879%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b750YeTfIcTQ7gPLtpo4&cid=CAQSKQCNIrLMujEiRi0oAjhTcRCEzRHO-uVTv236RJpnzE9PXBbtqrWJ_7li&random=252033268&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 178

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI5X6hOYpW_ITmNom8__G6LHi9xTr52P5nXQjfwrzAZx9_UW625GYxrPzVGyA_Cw0TyiXiZpxC-_FbsNke7QGPOlb4QAvaAJw&google_gid=CAESEGqnl6nHQt8_Yusb0XCHbOc&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO_80osGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBJNVg2aE9ZcFdfSVRtTm9tOF9fRzZMSGk5eFRyNTJQNW5YUWpmd3J6QVp4OV9VVzYyNUdZeHJQelZHeUFfQ3cwVHlpWGlacHhDLV9GYnNOa2U3UUdQT2xiNFFBdmFBSnc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM1BnOUJMdThoY0xoYVM3RUZLMHBCNEVmWHpqVGs0RkstR0pSaVp0Zl85UQ==&google_push

Request Chain 179

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIjc8Tx6fNyoPEgbk7oqRMk&google_cver=1&google_push=AYg5qPJSDNMugWWMbtWO3-8Zjlyww8Z_QOURQYEe2yJxag32oe8LQqmZCTBPlyqdiDbIcQJsHNVCOKXZBjFUeRkYnLW91JjNki75UA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIjc8Tx6fNyoPEgbk7oqRMk&google_cver=1&google_push=AYg5qPJSDNMugWWMbtWO3-8Zjlyww8Z_QOURQYEe2yJxag32oe8LQqmZCTBPlyqdiDbIcQJsHNVCOKXZBjFUeRkYnLW91JjNki75UA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJSDNMugWWMbtWO3-8Zjlyww8Z_QOURQYEe2yJxag32oe8LQqmZCTBPlyqdiDbIcQJsHNVCOKXZBjFUeRkYnLW91JjNki75UA

Request Chain 180

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELST1aZ_o0MHa3q32ztVGdA&google_cver=1&google_push=AYg5qPLhCq4ArbGvJoWfpHjW9jN45afTJ6Jzca1XO8f1xEnN19qGBMtYpCBmP9-l0Az1Gz202uTOD077Rcs7RI6pq-rHq4mcU0nUrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TDRIOFAtMVktM0VUMQ==&google_push=AYg5qPLhCq4ArbGvJoWfpHjW9jN45afTJ6Jzca1XO8f1xEnN19qGBMtYpCBmP9-l0Az1Gz202uTOD077Rcs7RI6pq-rHq4mcU0nUrQ

Request Chain 181

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1

Request Chain 204

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaBSTM_sMMD6quSlEr8_4E&google_cver=1&google_push=AYg5qPK8eBZY5S0NJL5Ve7XwPgSnC7ZSLU8P8WLYVzaVjN3eg-9AuqRgc1TptjJNsZ1I-Q9tCnQc-tC1ofX7v1mDruqDjhDgFd8 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8eBZY5S0NJL5Ve7XwPgSnC7ZSLU8P8WLYVzaVjN3eg-9AuqRgc1TptjJNsZ1I-Q9tCnQc-tC1ofX7v1mDruqDjhDgFd8&google_hm=9n3IIE4mOFQX4alZxvZjuA

Request Chain 217

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMyE9Pb54fMCFeWC_QcdZCYJFg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040880_48319a60-346e-11ec-bab3-2265a16f2a26

Request Chain 229

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021102404012057588070149X113752V1225131106MSoneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021102404012057588070149X113752V1225131106MSoneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=113752

Request Chain 232

https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=oneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=oneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2021102404012057588070147X117703V1226132702MSoneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&spid=2021102404012057588070147X117703V1226132702MSoneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021102404012057588070147X117703V1226132702MSoneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703&ratenzahlung=24

Request Chain 278

https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.autohaus-koenig.de/htlp?coyotetrackingid=382201418 HTTP 301
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=382201418

Request Chain 281

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaBSTM_sMMD6quSlEr8_4E&google_cver=1&google_push=AYg5qPJhKJufJHc1K6K0HAimcCGGsUMP-yF_k2lIHdwgjLNEVEowF6NG2cG4bGlWmJ0tl0UQmkL_eXDpIlyQpreYviSbgHgIZ3msNg HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJhKJufJHc1K6K0HAimcCGGsUMP-yF_k2lIHdwgjLNEVEowF6NG2cG4bGlWmJ0tl0UQmkL_eXDpIlyQpreYviSbgHgIZ3msNg&google_hm=9n3IIE4mOFQX4alZxvZjuA

Request Chain 329

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaBSTM_sMMD6quSlEr8_4E&google_cver=1&google_push=AYg5qPJ_z5lw6zsx8XEK2fMVIjHEzMVVpjNxCLNVtzBRNDMTrqjwatbngWpdNoG6yhfchR_y1bFARD9fUJVoWUX_ysrckV_lLugg HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ_z5lw6zsx8XEK2fMVIjHEzMVVpjNxCLNVtzBRNDMTrqjwatbngWpdNoG6yhfchR_y1bFARD9fUJVoWUX_ysrckV_lLugg&google_hm=9n3IIE4mOFQX4alZxvZjuA

Request Chain 339

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJjUoK8QEvRpAqP1O4a_vjpHO2i2T9djckN4uwDkeBsQUtdexfkMVnAEC08rwl-8_0twCYv7C-5FGushXldr6IvmjZx8kVHcA&google_gid=CAESEM7iab_MuhJ4RvgbOFjY14k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTQGNRQUFCRzd2THoyNw&google_push=AYg5qPJjUoK8QEvRpAqP1O4a_vjpHO2i2T9djckN4uwDkeBsQUtdexfkMVnAEC08rwl-8_0twCYv7C-5FGushXldr6IvmjZx8kVHcA

Request Chain 341

https://rtb.openx.net/sync/dds?google_gid=CAESEMhG3hrP4Zpsu2a7bRNkn_I&google_cver=1&google_push=AYg5qPKeAMIFSKUNXh_IcwGJTBJaneuIo2zPHzGEQ_s8x4RUNo6JmZCkcLEaqEH4Hn_noQRlvjjFpEF9sb4wVUocrIvbTZAPtvku HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEMhG3hrP4Zpsu2a7bRNkn_I&google_cver=1&google_push=AYg5qPKeAMIFSKUNXh_IcwGJTBJaneuIo2zPHzGEQ_s8x4RUNo6JmZCkcLEaqEH4Hn_noQRlvjjFpEF9sb4wVUocrIvbTZAPtvku&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKeAMIFSKUNXh_IcwGJTBJaneuIo2zPHzGEQ_s8x4RUNo6JmZCkcLEaqEH4Hn_noQRlvjjFpEF9sb4wVUocrIvbTZAPtvku&google_hm=rUDctqwWzqAfslGUyACQZg==

Request Chain 342

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIjc8Tx6fNyoPEgbk7oqRMk&google_cver=1&google_push=AYg5qPJI4BJnz1vS5L24T9zaNeKgHp4YlJMGsO6LdO6O-aAKzE2GxMV9Rd9PFb_BWhvA-uYnoaXJcoVWxLOsBEw-3X429xAPdwcy5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJI4BJnz1vS5L24T9zaNeKgHp4YlJMGsO6LdO6O-aAKzE2GxMV9Rd9PFb_BWhvA-uYnoaXJcoVWxLOsBEw-3X429xAPdwcy5w

Request Chain 344

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDZla6Cxry2rX-VwWDjsRHE&google_cver=1&google_push=AYg5qPKjiYKORAOGsbdazYaXt3L2AFitfFLbYVefxSMB3jr61JQp89frPCko8HtIeUccH7IMKONeNvhxRw_elw2NRoGqwUeb31aX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKjiYKORAOGsbdazYaXt3L2AFitfFLbYVefxSMB3jr61JQp89frPCko8HtIeUccH7IMKONeNvhxRw_elw2NRoGqwUeb31aX&google_hm=VWO1NVodQKWWwlf_6Fp26A

Request Chain 345

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ53t9BbEzozgFQEGvq5Gm4&google_cver=1&google_push=AYg5qPLR2sD_wIsZmrTQlzuWr1Z793agFKbPZ1LU7j9X1x87v0tUeQIrqanj5PApSvmxzCsmYjmwWiyN2pJYqB3SvSP3-DWm2rHA9w HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLR2sD_wIsZmrTQlzuWr1Z793agFKbPZ1LU7j9X1x87v0tUeQIrqanj5PApSvmxzCsmYjmwWiyN2pJYqB3SvSP3-DWm2rHA9w&google_hm=

Request Chain 380

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPCN3Pf54fMCFX-K_QcdHOYHMQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040882_494b20b0-346e-11ec-bb42-2234d33d3970

Request Chain 389

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPrK3Pf54fMCFVPsuwgdpncGGA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040882_493b1b20-346e-11ec-b9be-2230dce87953

Request Chain 394

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKGsNr_6_rgHo3Ot61se1iSjHlxa0_necmBMbmYmhx0pjpliBEcpQKcsM0x49hP3iBAJ7wHScAV9Ww10pXItmckAS8b76Ov&google_gid=CAESEPFLBEJuynZFpoolna83gW0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKGsNr_6_rgHo3Ot61se1iSjHlxa0_necmBMbmYmhx0pjpliBEcpQKcsM0x49hP3iBAJ7wHScAV9Ww10pXItmckAS8b76Ov&google_gid=CAESEPFLBEJuynZFpoolna83gW0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjQwMjAxMjIwMDA1NDA4MjYwNTkwNg%3D%3D&google_push=AYg5qPKGsNr_6_rgHo3Ot61se1iSjHlxa0_necmBMbmYmhx0pjpliBEcpQKcsM0x49hP3iBAJ7wHScAV9Ww10pXItmckAS8b76Ov

Request Chain 395

https://rtb.openx.net/sync/dds?google_gid=CAESEMhG3hrP4Zpsu2a7bRNkn_I&google_cver=1&google_push=AYg5qPIAMrPOgeuY4XDFfXObuiZgR6T5lZi8_DuOAl0MNgFWvA5Oy7qpr2JLUNltu2nwddis11eaUTE-ESyzUc5Vy9eGWVJBjlhV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIAMrPOgeuY4XDFfXObuiZgR6T5lZi8_DuOAl0MNgFWvA5Oy7qpr2JLUNltu2nwddis11eaUTE-ESyzUc5Vy9eGWVJBjlhV&google_hm=rUDctqwWzqAfslGUyACQZg==

Request Chain 396

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIjc8Tx6fNyoPEgbk7oqRMk&google_cver=1&google_push=AYg5qPLSxi6lCC_1vNgT4Q_XrD1uaFyQUd-R2Im3oP9LDRIUAe_kRSV7DxVxHwOwJ8Wk98O_xWRTlx6sJ8irQQfMSKoUdTNQILhI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLSxi6lCC_1vNgT4Q_XrD1uaFyQUd-R2Im3oP9LDRIUAe_kRSV7DxVxHwOwJ8Wk98O_xWRTlx6sJ8irQQfMSKoUdTNQILhI

Request Chain 398

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDZla6Cxry2rX-VwWDjsRHE&google_cver=1&google_push=AYg5qPLP0E8B9i68ye7dyiSEVgHctM2eDXOzHTSRKiy7og0-_LMcIRDGuUTptrqRkMV_gGpGVnvK2Wi9Vd7Epp2qiSCCvHPEqUza HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLP0E8B9i68ye7dyiSEVgHctM2eDXOzHTSRKiy7og0-_LMcIRDGuUTptrqRkMV_gGpGVnvK2Wi9Vd7Epp2qiSCCvHPEqUza&google_hm=VWO1NVodQKWWwlf_6Fp26A

Request Chain 399

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ53t9BbEzozgFQEGvq5Gm4&google_cver=1&google_push=AYg5qPLNpf0KycHI5u0TqetSZgdSORLvj4fdWzrXIjAQTJmtnAiwfiMZvWIm6vuyxiXzTRHakU--KTzoEHrPtwZAZoAL7rMXWUtbhw HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLNpf0KycHI5u0TqetSZgdSORLvj4fdWzrXIjAQTJmtnAiwfiMZvWIm6vuyxiXzTRHakU--KTzoEHrPtwZAZoAL7rMXWUtbhw&google_hm=

Request Chain 422

https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=oneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=oneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2021102404012257588070275X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&spid=2021102404012257588070275X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021102404012257588070275X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703&ratenzahlung=24

428 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ktar.com/
Redirect Chain

http://ktar.com/
https://ktar.com/

174 KB
30 KB

531ms
166ms

Document
text/html

104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: e3ebf24080cc275661e2e3d40206aa070e7cfea03e9e78c89bc281d9a17de8a3

Request headers

:method: GET
:authority: ktar.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sun, 24 Oct 2021 02:01:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://ktar.com/wp-json/>; rel="https://api.w.org/" <https://ktar.com/wp-json/wp/v2/pages/256210>; rel="alternate"; type="application/json" <http://j.mp/qY2LmC>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 128
x-cache-group: normal
content-encoding: br

Redirect headers

Server: nginx
Date: Sun, 24 Oct 2021 02:01:17 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://ktar.com/

GET
H2 200 polls-css.css
ktar.com/wp-content/plugins/wp-polls/ 3 KB
936 B 124ms
121ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/wp-polls/polls-css.css?ver=2.75.6
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526

Request headers

:path: /wp-content/plugins/wp-polls/polls-css.css?ver=2.75.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-a94"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 s4_primary.css
ktar.com/wp-content/themes/bonneville-news-theme/assets/css/ 17 KB
5 KB 138ms
135ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_primary.css?ver=20210814
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ac3dd20b181b9c53eaf4d64028f2adf3a64f6a7fdfc1a0a1d0e9b73b9bb7f10

Request headers

:path: /wp-content/themes/bonneville-news-theme/assets/css/s4_primary.css?ver=20210814
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Fri, 15 Oct 2021 19:01:53 GMT
server: nginx
etag: W/"6169d021-4370"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 s4_dark.css
ktar.com/wp-content/themes/bonneville-news-theme/assets/css/ 1 KB
549 B 146ms
144ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_dark.css?ver=20210512
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ce02b3d4700bffa18f3d5599306e343cd3cb6c6bf24547a6116b34b292d62910

Request headers

:path: /wp-content/themes/bonneville-news-theme/assets/css/s4_dark.css?ver=20210512
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-42d"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 s4_headfoot.css
ktar.com/wp-content/themes/bonneville-news-theme/assets/css/ 5 KB
1 KB 154ms
152ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_headfoot.css?ver=20210512
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2e7b97014888892d70399baf2f07766517da24e1e7c94df63406e271b8831aa

Request headers

:path: /wp-content/themes/bonneville-news-theme/assets/css/s4_headfoot.css?ver=20210512
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 20:48:03 GMT
server: nginx
etag: W/"6148f383-122b"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 40ms
16ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.7.3

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 83949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=om2XLMv4hJ92mWKDBxW2MbMQtXfSOUo6eHHRltnVFG3asBtdZPybhhnrAsAPrIqXTzbQROoXx7c0CHgX0y7Gj%2F8vsa5QQJL3TsX%2F6JnN0YaJmBlNbuOFg%2BLVVkjCg2FxLyxlvSPA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a2f9dd1887521bd-DUS
expires: Fri, 14 Oct 2022 02:01:18 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 81ms
29ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B800&display=swap&ver=5.7.3

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 02:01:18 GMT
server: ESF
date: Sun, 24 Oct 2021 02:01:18 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 24 Oct 2021 02:01:18 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
5 KB 39ms
15ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=4.0.3

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 244710
cdn-cachedat: 2021-04-23 06:08:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 42b784de0d15140469c5674bd141e42e
cf-ray: 6a2f9dd18a6221c3-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 events.css
ktar.com/wp-content/plugins/tweak-events/assets/css/ 10 KB
3 KB 145ms
143ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/tweak-events/assets/css/events.css?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 643c563abab207c9806aeeeff9c308c7175d62f5e9c570caf6de2c5b7afc06bb

Request headers

:path: /wp-content/plugins/tweak-events/assets/css/events.css?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-2774"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 weather-icons.min.css
ktar.com/wp-content/plugins/weather-widgets/assets/css/ 6 KB
2 KB 152ms
151ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/weather-widgets/assets/css/weather-icons.min.css?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2751594edaed7b725664e41e4e8d8d46475d95520d2e9b96c73487850f8cc56

Request headers

:path: /wp-content/plugins/weather-widgets/assets/css/weather-icons.min.css?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-1980"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 74ms
22ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=3.6.0

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:58:14 GMT
x-content-type-options: nosniff
age: 169384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 22 Oct 2022 02:58:14 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
248 KB 99ms
47ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js?ver=1.12.1

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:40:33 GMT
x-content-type-options: nosniff
age: 184845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 253668
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 21 Oct 2022 22:40:33 GMT

GET
H2 200 jquery.functions.js Show response
ktar.com/wp-content/themes/bonneville-news-theme/assets/js/ 6 KB
2 KB 160ms
158ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/js/jquery.functions.js?ver=1.1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c752d8fd9ca0d1501305899db78069fa8d3aece6a134f840b3afc07ed2a7ed04

Request headers

:path: /wp-content/themes/bonneville-news-theme/assets/js/jquery.functions.js?ver=1.1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-18d6"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sw4.js Show response
ktar.com/wp-content/themes/bonneville-news-theme/assets/js/ 2 KB
782 B 241ms
240ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/js/sw4.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 63028089b6bc0baf9bacaf507f21f56f6c70855960f4a31c51a83ff3dc2647cf

Request headers

:path: /wp-content/themes/bonneville-news-theme/assets/js/sw4.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-7b8"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 19 KB
7 KB 50ms
20ms Script
application/javascript 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 445138
x-ms-lease-status: unlocked
last-modified: Thu, 07 Oct 2021 01:50:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e79150b9-401e-002c-406e-c4d4e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6a2f9dd18ee8fb5c-DUS
expires: Mon, 01 Nov 2021 02:01:18 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 387 KB
113 KB 63ms
16ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:01:18 GMT
Content-Encoding: gzip
x-amz-request-id: 895P7GZMS448PBGC
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: E1f3G4zwvNTivmbsjwi9gTDTblbRbtJyRdbl9CMpQza/SzA88yTu1Zx0HeDBqc0Pyxav9taZuIY=
Last-Modified: Fri, 08 Oct 2021 20:59:32 GMT
Server: AmazonS3
ETag: "5cac4cabadee93ec669a5ded971f5756"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 PRIMARY_RECTANGLE.svg
ktar.com/wp-content/plugins/bonneville-logos-manager/logos/ 3 KB
1 KB 259ms
254ms Image
image/svg+xml 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/plugins/bonneville-logos-manager/logos/PRIMARY_RECTANGLE.svg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e13a7f8506c7cc36afe366e3ac76701428d4bbc9f4eb5577abd141e7955b6f0d

Request headers

:path: /wp-content/plugins/bonneville-logos-manager/logos/PRIMARY_RECTANGLE.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-a64"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 Grant-Woods-BP-2-620x370.jpg
ktar.com/wp-content/uploads/2019/02/ 47 KB
47 KB 259ms
254ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2019/02/Grant-Woods-BP-2-620x370.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: af0534dd2688e631a1634efd193a3446461fad5311f13adf20d8b64284bb58a7

Request headers

:path: /wp-content/uploads/2019/02/Grant-Woods-BP-2-620x370.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Wed, 20 Feb 2019 08:58:09 GMT
server: nginx
etag: "35dfe9e7c78cf28329f244fd1714d721"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48160
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 howardAirlogo.svg
ktar.com/wp-content/themes/ktar/assets/images/ 19 KB
6 KB 259ms
255ms Image
image/svg+xml 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/themes/ktar/assets/images/howardAirlogo.svg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 743118de08e11807033615921ff81dcf28b25e07cd2da846e3a4f26db97323c0

Request headers

:path: /wp-content/themes/ktar/assets/images/howardAirlogo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-4b28"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 valley_chevy_dealers_sm_2in_100.jpg
ktar.com/wp-content/uploads/2018/04/ 2 KB
2 KB 259ms
255ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2018/04/valley_chevy_dealers_sm_2in_100.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b37841afa1a6c61128647532c2cc98a15dfa55acdbe650bfdfb44bd75faf74c7

Request headers

:path: /wp-content/uploads/2018/04/valley_chevy_dealers_sm_2in_100.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sun, 15 Apr 2018 08:39:16 GMT
server: nginx
etag: "252b77523894bc00c398762e16f02a51"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1618
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 POLL-copy-3.jpg
ktar.com/wp-content/uploads/2019/04/ 7 KB
8 KB 187ms
183ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2019/04/POLL-copy-3.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 68907ee01093b2068a305daeded339b68cc0990b41eadb457bbe0e1e5d50eb83

Request headers

:path: /wp-content/uploads/2019/04/POLL-copy-3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sat, 11 May 2019 08:29:22 GMT
server: nginx
etag: "a653423c7d475aed16b2fed474072bba"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7449
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ValleyToyotaBug.png
ktar.com/wp-content/uploads/2019/08/ 3 KB
3 KB 345ms
341ms Image
image/png 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2019/08/ValleyToyotaBug.png
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 83245214087cbf2e7a0ed37bfd85986dc991412cc9448ccd88ef8b5887e21fdd

Request headers

:path: /wp-content/uploads/2019/08/ValleyToyotaBug.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Thu, 05 Sep 2019 10:09:24 GMT
server: nginx
etag: "1cfa08d5336e18d38d736eb6ef726ce6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2882
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 loading.gif
ktar.com/wp-content/plugins/wp-polls/images/ 771 B
973 B 345ms
341ms Image
image/gif 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/plugins/wp-polls/images/loading.gif
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

:path: /wp-content/plugins/wp-polls/images/loading.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: "5df920f5-303"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 771

GET
H2 200 ap_81c752af274e4886a7a4dfa07bce22fe-3-e1633555170514.jpg
ktar.com/wp-content/uploads/2021/07/ 83 KB
83 KB 345ms
342ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/07/ap_81c752af274e4886a7a4dfa07bce22fe-3-e1633555170514.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e750b3284638308fa6d086f25513ab840406b9fd96a6eac4159cafa18a4953b5

Request headers

:path: /wp-content/uploads/2021/07/ap_81c752af274e4886a7a4dfa07bce22fe-3-e1633555170514.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Mon, 18 Oct 2021 07:34:42 GMT
server: nginx
etag: "218ceac56e2f78911e2c266a45081427"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 84637
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 getty-covid-for-10-11.jpg
ktar.com/wp-content/uploads/2021/10/ 102 KB
103 KB 345ms
342ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/getty-covid-for-10-11.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a32d32e2e5fb637fd1b35e24625f93819347f5b117c3f37406176456e692a4b

Request headers

:path: /wp-content/uploads/2021/10/getty-covid-for-10-11.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sat, 23 Oct 2021 07:16:03 GMT
server: nginx
etag: "57b9369973bc76bfe923248113050b55"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 104742
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 164818324_10159622403241742_779719157477980798_n-1.jpg
ktar.com/wp-content/uploads/2021/08/ 292 KB
293 KB 345ms
342ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/164818324_10159622403241742_779719157477980798_n-1.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c95606e1abcd77e77fd7d4d4cf3b901ae62530822b924e33c8504baba214f43e

Request headers

:path: /wp-content/uploads/2021/08/164818324_10159622403241742_779719157477980798_n-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Tue, 12 Oct 2021 07:32:06 GMT
server: nginx
etag: "01b722123b2cc0f793608e3aea97382b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 299130
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 parker_HPBug.jpeg
ktar.com/wp-content/uploads/2021/08/ 2 KB
2 KB 345ms
342ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/parker_HPBug.jpeg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c0c3207d5bd04fd85479641ac5b7a63ee3f668692d233e513be2cf4a1c05e96c

Request headers

:path: /wp-content/uploads/2021/08/parker_HPBug.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Tue, 07 Sep 2021 07:22:35 GMT
server: nginx
etag: "00171158b441210361864ea6cd568487"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1921
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 amn-pod.jpeg
ktar.com/wp-content/uploads/2021/08/ 48 KB
49 KB 345ms
342ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/amn-pod.jpeg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f1acab7716cffdd27f631b6fb47eaa71fabd5339a6cf701e02f6df04e7705bb

Request headers

:path: /wp-content/uploads/2021/08/amn-pod.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Mon, 06 Sep 2021 07:50:37 GMT
server: nginx
etag: "1b6247927247593e0c27b6986affb334"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49450
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 mbroomhead-pod.jpeg
ktar.com/wp-content/uploads/2021/08/ 39 KB
39 KB 346ms
343ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/mbroomhead-pod.jpeg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: baac041f9cedcc851bf5855963ac7bd84908ec39613ec95d1217706b75e276b5

Request headers

:path: /wp-content/uploads/2021/08/mbroomhead-pod.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Mon, 06 Sep 2021 07:50:37 GMT
server: nginx
etag: "d2f65a83aea850d719a29be6e7db7c7a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 39560
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 gaydoschad-pod.jpeg
ktar.com/wp-content/uploads/2021/08/ 36 KB
37 KB 346ms
343ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/08/gaydoschad-pod.jpeg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: acf6921a36ea4f70d608b49882438f17c4af992e04e8924bc4cf7e2f8b0dae1f

Request headers

:path: /wp-content/uploads/2021/08/gaydoschad-pod.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Mon, 06 Sep 2021 07:50:38 GMT
server: nginx
etag: "620c108c25496266cffbcced9bff8a6e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 37279
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H/1.1 200
OK optin.js Show response
embed.secondstreetapp.com/Scripts/dist/ 176 KB
52 KB 391ms
99ms Script
application/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-45.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:01:18 GMT
Content-Encoding: gzip
ETag: "042b333c6d71:0"
Last-Modified: Wed, 20 Oct 2021 22:37:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 102
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 52427

GET
H2 200 2020.04-KTAR-Cares-Widget.jpg
ktar.com/wp-content/uploads/2021/10/ 49 KB
49 KB 346ms
343ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/2020.04-KTAR-Cares-Widget.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 03b4a055b08c7377eeeed48cf478f9bcfc3bb985b05c0bafdec1677583770455

Request headers

:path: /wp-content/uploads/2021/10/2020.04-KTAR-Cares-Widget.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sat, 23 Oct 2021 07:19:14 GMT
server: nginx
etag: "2adb56205be0593538294fe3665fa6a3"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 50023
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H/1.1 200
OK count.js Show response
arizonasports.disqus.com/ 1 KB
2 KB 35ms
6ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://arizonasports.disqus.com/count.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:01:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 80
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 21 Oct 2021 01:03:12 GMT
Server: nginx
ETag: "6170bc50-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 3546XzkdZRktpwl7xeBD1ZdaOhMWQsHZRDmbRgTLCPxTc6wpGs_tjQ==

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.7.0/ 21 KB
7 KB 69ms
21ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.7.0/firebase-app.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

8234c6fd6b3f09b5d78fdda27eb4e7daec0d3d899b86a9b190cea175627a1c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6965
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:34:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Tue, 18 Oct 2022 17:59:31 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.7.0/ 35 KB
35 KB 69ms
24ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.7.0/firebase-analytics.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

d404e01916636d8c76f737079392a2da123cf83c60ad3da1fc6fe44241db4e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 06:58:27 GMT
x-content-type-options: nosniff
age: 241371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35740
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:34:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Fri, 21 Oct 2022 06:58:27 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.7.0/ 40 KB
40 KB 100ms
56ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.7.0/firebase-messaging.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

540b5be2b05010cda2423355e9068d0114d2fb7cca71fdf18e15f3c92c07db16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 23:23:46 GMT
x-content-type-options: nosniff
age: 182252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40924
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:34:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Fri, 21 Oct 2022 23:23:46 GMT

GET
H2 200 weather-icons.css
ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/ 8 KB
2 KB 124ms
119ms Stylesheet
text/css 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/weather-icons.css?ver=1.2
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b48cae9a9fcc318fb1c638f4097ad3ca6445c236b981998c799efdc662b6653a

Request headers

:path: /wp-content/plugins/weather-widgets/widgets/assets/css/weather-icons.css?ver=1.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-1eaa"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mobile-detect.min.js Show response
ktar.com/wp-content/plugins/ad-code-timing/assets/js/ 32 KB
14 KB 150ms
145ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/ad-code-timing/assets/js/mobile-detect.min.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d8d860892c9a1dd820a710a980227b8403271cdcf0323c9a47d41538ccec80bd

Request headers

:path: /wp-content/plugins/ad-code-timing/assets/js/mobile-detect.min.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-81f8"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.cookie.js Show response
ktar.com/wp-content/plugins/ad-code-timing/assets/js/ 3 KB
2 KB 155ms
150ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/ad-code-timing/assets/js/jquery.cookie.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b

Request headers

:path: /wp-content/plugins/ad-code-timing/assets/js/jquery.cookie.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-c38"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 takeover.js Show response
ktar.com/wp-content/plugins/ad-code-timing/assets/js/ 2 KB
774 B 155ms
151ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/ad-code-timing/assets/js/takeover.js?ver=1.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8b6b38175d300ed73096a7c28fd39cba69509a5196bad1be6c1d3edc970414e3

Request headers

:path: /wp-content/plugins/ad-code-timing/assets/js/takeover.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-69b"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 qppr_frontend_script.min.js Show response
ktar.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 1014 B
643 B 156ms
150ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.1.5
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4d81cd951bc1cc8095a0b6385baa47b9c5fb6fe1440661563a09dbd2f7e243db

Request headers

:path: /wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.1.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-3f6"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 polls-js.js Show response
ktar.com/wp-content/plugins/wp-polls/ 3 KB
864 B 160ms
155ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.75.6
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Request headers

:path: /wp-content/plugins/wp-polls/polls-js.js?ver=2.75.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-caa"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sharecounts.js Show response
ktar.com/wp-content/themes/bonneville-news-theme/assets/js/ 679 B
535 B 190ms
185ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/js/sharecounts.js?ver=1.0.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28a110a1ff4c1d6a68d7a4e60ed003cf3a5ac032cbf5094c42e330f777c6723f

Request headers

:path: /wp-content/themes/bonneville-news-theme/assets/js/sharecounts.js?ver=1.0.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: W/"61270a01-2a7"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 plusdate.js Show response
ktar.com/wp-content/plugins/tweak-events/assets/js/ 452 B
478 B 259ms
254ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/tweak-events/assets/js/plusdate.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: af57e21392ab61f764937da2634c062094b82b086a640d7410a16aa375820da2

Request headers

:path: /wp-content/plugins/tweak-events/assets/js/plusdate.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-1c4"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 event-submit-validate.js Show response
ktar.com/wp-content/plugins/tweak-events/assets/js/ 4 KB
1 KB 159ms
154ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/tweak-events/assets/js/event-submit-validate.js?ver=1.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0e1dd9bee18c1d77e1e912fdfd7127875ee68971cbee514ed7f64c297c39d179

Request headers

:path: /wp-content/plugins/tweak-events/assets/js/event-submit-validate.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-f6a"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
ktar.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 174ms
169ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
etag: W/"605cec4b-5133"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 datepicker.min.js Show response
ktar.com/wp-includes/js/jquery/ui/ 35 KB
11 KB 246ms
241ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d

Request headers

:path: /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
etag: W/"605cec4b-8d34"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 datepicker-submit.js Show response
ktar.com/wp-content/plugins/tweak-events/assets/js/ 140 B
316 B 258ms
253ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/tweak-events/assets/js/datepicker-submit.js?ver=1.0
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e07dac40b96f7503f396331e32d231530f8d9bd9aa58cf25e22b17421f6d4b14

Request headers

:path: /wp-content/plugins/tweak-events/assets/js/datepicker-submit.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-8c"
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
ktar.com/wp-includes/js/ 1 KB
947 B 259ms
254ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-592"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.cycle.lite.js Show response
ktar.com/wp-content/plugins/arizona-traffic/assets/js/ 8 KB
3 KB 259ms
254ms Script
application/javascript 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/arizona-traffic/assets/js/jquery.cycle.lite.js?ver=1.7
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73431242d393f2b2932f404e6a00d234b1ca38041af6eb27470761da0d8ed2c1

Request headers

:path: /wp-content/plugins/arizona-traffic/assets/js/jquery.cycle.lite.js?ver=1.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: W/"5df920f5-1ef6"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 96d83517-a163-4ffe-9ea9-a4e9cd901cff.json Show response
cookie-cdn.cookiepro.com/consent/96d83517-a163-4ffe-9ea9-a4e9cd901cff/ 2 KB
2 KB 57ms
36ms XHR
application/x-javascript 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/96d83517-a163-4ffe-9ea9-a4e9cd901cff/96d83517-a163-4ffe-9ea9-a4e9cd901cff.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2543b798df6a799c869fe2576ddc5f4a8cc538d34f5ff6f800c0ccdfe4dd4803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: U8NdQb1PVgaaYblSYczMoA==
x-ms-lease-status: unlocked
last-modified: Tue, 30 Jun 2020 21:13:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1e5fd598-701e-007a-6c04-38250d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6a2f9dd30f147160-DUS

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 85ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

396966db542c4bd587ec99dfa750a98b99d89a80e1a30a423e26e0687892ce1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1023 / 337 of 1000 / last-modified: 1634854038"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27199
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Oct 2021 02:01:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
56 KB 88ms
38ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cb97c08b684a282258c65272edfbfbb33d96ae18ccce3224bb3b57d1cd017627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 56462
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:01:18 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw
https://cse.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

10 KB
4 KB

128ms
59ms

Script
text/javascript

142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

gws /

Resource Hash

6a1f39a2aae608c161763c315a374957f02523efafb86f11903fbe03ace1a242

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3487
x-xss-protection: 0
expires: Sun, 24 Oct 2021 02:01:18 GMT

Redirect headers

date: Sun, 24 Oct 2021 01:59:43 GMT
x-content-type-options: nosniff
server: sffe
age: 95
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
expires: Sun, 24 Oct 2021 02:29:43 GMT

GET
H2 200 ktar-multi-nav-icons.png
ktar.com/wp-content/themes/bonneville-news-theme/assets/images/ 2 KB
2 KB 331ms
330ms Image
image/png 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/images/ktar-multi-nav-icons.png
Requested by: Host: ktar.com
URL: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_primary.css?ver=20210814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c216c6c4cd384219a86e806c818d4080221dc16c71c1ccb957c1349740b2ecae

Request headers

:path: /wp-content/themes/bonneville-news-theme/assets/images/ktar-multi-nav-icons.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_primary.css?ver=20210814
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/wp-content/themes/bonneville-news-theme/assets/css/s4_primary.css?ver=20210814
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Thu, 26 Aug 2021 03:26:57 GMT
server: nginx
etag: "61270a01-63c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1596

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 81ms
24ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B800&display=swap&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 462821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 96ms
39ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B800&display=swap&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 08:58:25 GMT
x-content-type-options: nosniff
age: 147773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 08:58:25 GMT

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 43 KB
44 KB 28ms
15ms Font
font/woff 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=4.0.3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=4.0.3
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 15883878
cdn-cachedat: 2021-04-23 07:49:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44432
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1601ae05d0bef480e18db2985b95cae5
accept-ranges: bytes
cf-ray: 6a2f9dd32d612193-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 109ms
52ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700%3B800&display=swap&ver=5.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 203101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:36:17 GMT

GET
H2 200 weathericons-regular-webfont.woff
ktar.com/fonts/ 47 KB
47 KB 328ms
328ms Font
font/woff 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/fonts/weathericons-regular-webfont.woff
Requested by: Host: ktar.com
URL: https://ktar.com/wp-content/plugins/weather-widgets/assets/css/weather-icons.min.css?ver=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae03289bb26aefab9857ae4b0097652bc8a17643990dee384031c88775941ee9

Request headers

:path: /fonts/weathericons-regular-webfont.woff
pragma: no-cache
origin: https://ktar.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: ktar.com
referer: https://ktar.com/wp-content/plugins/weather-widgets/assets/css/weather-icons.min.css?ver=1.0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ktar.com/wp-content/plugins/weather-widgets/assets/css/weather-icons.min.css?ver=1.0
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Tue, 17 Dec 2019 18:39:48 GMT
server: nginx
etag: "5df920f4-bcf8"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 48376

GET
H2 200 ap_650ace9add1b4a9d954aa45d01163995-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 102 KB
102 KB 284ms
279ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_650ace9add1b4a9d954aa45d01163995-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 17c6a29db22e9ccb77b4544b5b0d6232498804b5eb1340a82f2c429aa135cda2

Request headers

:path: /wp-content/uploads/2021/10/ap_650ace9add1b4a9d954aa45d01163995-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sat, 23 Oct 2021 15:46:51 GMT
server: nginx
etag: "61742e6b-1965d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 104029
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_4131ad0c977048d788f70aee120292c3-e1635002590167-900x506.jpg
ktar.com/wp-content/uploads/2021/09/ 40 KB
40 KB 284ms
274ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/09/ap_4131ad0c977048d788f70aee120292c3-e1635002590167-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0c7c5a9756f9d9d07f155c9c3fd3b3445552114d1499377f77bc95eb9f94d24c

Request headers

:path: /wp-content/uploads/2021/09/ap_4131ad0c977048d788f70aee120292c3-e1635002590167-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sat, 23 Oct 2021 15:23:11 GMT
server: nginx
etag: "617428df-9e5c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 40540
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 FCQ3hC3VkAsWOGl-e1635005387136.jpg
ktar.com/wp-content/uploads/2021/10/ 27 KB
28 KB 284ms
273ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/FCQ3hC3VkAsWOGl-e1635005387136.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d6a8e6fd9b427b6fbea425b0ee3043138a5ddf86b73180e9e17d61008b80d091

Request headers

:path: /wp-content/uploads/2021/10/FCQ3hC3VkAsWOGl-e1635005387136.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sat, 23 Oct 2021 16:09:48 GMT
server: nginx
etag: "617433cc-6d2e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 27950
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_69455b39c31943ba964508a8842cf596-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 94 KB
95 KB 284ms
274ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_69455b39c31943ba964508a8842cf596-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 372fb46b58a4e5c66e645721fc9e771390fc9c16d849bc8dbd6c18749588694c

Request headers

:path: /wp-content/uploads/2021/10/ap_69455b39c31943ba964508a8842cf596-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 22:36:06 GMT
server: nginx
etag: "61733cd6-17954"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 96596
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 tempe-bike-lane-city-site-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 66 KB
66 KB 282ms
273ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/tempe-bike-lane-city-site-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c156b1c2bdb16bb667780f4c20e8df154a718774d825a437615f7b547cce8edb

Request headers

:path: /wp-content/uploads/2021/10/tempe-bike-lane-city-site-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Thu, 21 Oct 2021 21:41:36 GMT
server: nginx
etag: "6171de90-1064f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 67151
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 C02wUoUUcAAlVzh-e1634791977484.jpg
ktar.com/wp-content/uploads/2021/10/ 28 KB
29 KB 282ms
273ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/C02wUoUUcAAlVzh-e1634791977484.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b796c612c8cf199b96a082ff78b85092c42b50b865da9bb026dff05771701d3

Request headers

:path: /wp-content/uploads/2021/10/C02wUoUUcAAlVzh-e1634791977484.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Thu, 21 Oct 2021 04:52:58 GMT
server: nginx
etag: "6170f22a-710f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 28943
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 5X3A5025-e1634937477128-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 119 KB
120 KB 281ms
273ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/5X3A5025-e1634937477128-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d5864752c189fafa661db48b584f56af15a86cb34ce47f8915e365e2eb62be1e

Request headers

:path: /wp-content/uploads/2021/10/5X3A5025-e1634937477128-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 21:17:58 GMT
server: nginx
etag: "61732a86-1dd4d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 122189
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 KyrstenSinema-e1634942757264-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 48 KB
48 KB 282ms
274ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/KyrstenSinema-e1634942757264-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd008c28a4a4cd8bb92782aeb00526327200b83f5c52bd10ca3b4a35ce54135f

Request headers

:path: /wp-content/uploads/2021/10/KyrstenSinema-e1634942757264-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 22:45:57 GMT
server: nginx
etag: "61733f25-be8e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 48782
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 LakeMeadwatershortage-e1634929876721-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 73 KB
74 KB 282ms
274ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/LakeMeadwatershortage-e1634929876721-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f6ab26f29e6709a33a270b456a4ab9b06e66d3b31bc4aa9c328a32226e64a9d

Request headers

:path: /wp-content/uploads/2021/10/LakeMeadwatershortage-e1634929876721-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 19:11:16 GMT
server: nginx
etag: "61730cd4-12564"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 75108
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 sinema-getty-for-10-22-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 97 KB
98 KB 281ms
274ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/sinema-getty-for-10-22-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2cae96ca169b631adf6253cd25d9b59f53f4ac3a01a2489a1279c007fcdfd37

Request headers

:path: /wp-content/uploads/2021/10/sinema-getty-for-10-22-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 21:49:10 GMT
server: nginx
etag: "617331d6-18516"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 99606
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_c128351dfddb4c35a06be423fecf9de8-e1634916215194-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 62 KB
62 KB 280ms
274ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_c128351dfddb4c35a06be423fecf9de8-e1634916215194-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d79607bda93f2f81fdc4ecc4d0a0ec8ed6d3d9a13fbad7095e90dffe1741b203

Request headers

:path: /wp-content/uploads/2021/10/ap_c128351dfddb4c35a06be423fecf9de8-e1634916215194-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 15:23:36 GMT
server: nginx
etag: "6172d778-f6fa"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 63226
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 mosquito-off-getty-16x9-1.jpg
ktar.com/wp-content/uploads/2021/10/ 181 KB
181 KB 281ms
274ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/mosquito-off-getty-16x9-1.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9e1782d352b750fc35ebc7e71aec460c0af117d826debcaef83ee6a3a1854e81

Request headers

:path: /wp-content/uploads/2021/10/mosquito-off-getty-16x9-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 13:27:37 GMT
server: nginx
etag: "6172bc49-2d248"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 184904
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 pexels-gustavo-fring-6285350-scaled-e1634864878451-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 39 KB
39 KB 281ms
274ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/pexels-gustavo-fring-6285350-scaled-e1634864878451-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 211e3445647a533acb0db94589c6256e4af76cae138b67c17bf45c5fa30763e7

Request headers

:path: /wp-content/uploads/2021/10/pexels-gustavo-fring-6285350-scaled-e1634864878451-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 01:07:59 GMT
server: nginx
etag: "61720eef-9b78"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 39800
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 bay-g92389398a_1920-e1634862365663-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 49 KB
49 KB 280ms
275ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/bay-g92389398a_1920-e1634862365663-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 63a50f5d0eea3ea0a236a57783c071bd814f0089e2708b0d01a1187703f4c856

Request headers

:path: /wp-content/uploads/2021/10/bay-g92389398a_1920-e1634862365663-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 00:26:06 GMT
server: nginx
etag: "6172051e-c3fe"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 50174
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 pexels-karolina-grabowska-5207332-scaled-e1634854073914-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 74 KB
74 KB 280ms
275ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/pexels-karolina-grabowska-5207332-scaled-e1634854073914-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ac0ff298ee8a6cda0fab03b0deae9406e6e81ebb881e30313c3d3ed6497bb4e0

Request headers

:path: /wp-content/uploads/2021/10/pexels-karolina-grabowska-5207332-scaled-e1634854073914-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Thu, 21 Oct 2021 22:07:54 GMT
server: nginx
etag: "6171e4ba-12778"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 75640
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_c0881378c6a14373a1a521ed7042a2aa-e1634830150814-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 92 KB
92 KB 280ms
275ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_c0881378c6a14373a1a521ed7042a2aa-e1634830150814-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a7d5ae799522edccff15f49248d591195b68a5a861e43022b82bb2a0836d1fa7

Request headers

:path: /wp-content/uploads/2021/10/ap_c0881378c6a14373a1a521ed7042a2aa-e1634830150814-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Thu, 21 Oct 2021 15:29:10 GMT
server: nginx
etag: "61718746-16f3e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 94014
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_3789107e54804f64b1dce30692252a89-e1635025772303-900x506.jpg
arizonasports.com/wp-content/uploads/2021/10/ 56 KB
56 KB 523ms
159ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/10/ap_3789107e54804f64b1dce30692252a89-e1635025772303-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48e802eb7acaa1931e633a90d6648935313fab5d96cb20f539a6cc81ebb44f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
last-modified: Sat, 23 Oct 2021 21:49:33 GMT
server: nginx
etag: "6174836d-e02c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 57388
expires: Tue, 23 Nov 2021 02:01:19 GMT

GET
H2 200 ap_6efc3cc90b5444d180d6cf0877690299-e1635020291527-900x506.jpg
arizonasports.com/wp-content/uploads/2021/08/ 88 KB
88 KB 745ms
381ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/08/ap_6efc3cc90b5444d180d6cf0877690299-e1635020291527-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 342e46097f9a7dbc263a1e6706d84da6e655a97e4779f82f2f19b203fd479681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
last-modified: Sat, 23 Oct 2021 20:18:12 GMT
server: nginx
etag: "61746e04-15f36"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 89910
expires: Tue, 23 Nov 2021 02:01:19 GMT

GET
H2 200 ap_3a1898e8a3f14e29ab531c07bb09b646-e1634848059537-900x506.jpg
arizonasports.com/wp-content/uploads/2021/09/ 83 KB
84 KB 745ms
381ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/09/ap_3a1898e8a3f14e29ab531c07bb09b646-e1634848059537-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7858259ae04a96e2ae7bb8180068320ed5e775ff9292cfc1fe15c24638e090f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
last-modified: Thu, 21 Oct 2021 20:27:40 GMT
server: nginx
etag: "6171cd3c-14cf4"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 85236
expires: Tue, 23 Nov 2021 02:01:19 GMT

GET
H2 200 ap_cf641b0c04bc4085b8c5213e6a109f74-e1635008837418-900x506.jpg
arizonasports.com/wp-content/uploads/2021/09/ 64 KB
64 KB 746ms
382ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/09/ap_cf641b0c04bc4085b8c5213e6a109f74-e1635008837418-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a90f04ff4bb291ae77e2fbf820fb4406eb6cdc55330a9abe48c32b3849bb7819

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
last-modified: Sat, 23 Oct 2021 17:07:18 GMT
server: nginx
etag: "61744146-fe43"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 65091
expires: Tue, 23 Nov 2021 02:01:19 GMT

GET
H2 200 ap_06c18ed59208432a92c16871496249d5-e1635006663649-900x506.jpg
arizonasports.com/wp-content/uploads/2021/10/ 65 KB
65 KB 739ms
382ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/10/ap_06c18ed59208432a92c16871496249d5-e1635006663649-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fb15b9dfd29f14b477a21f24ae72a8f2565df775f96843a7fc99fa8a4d50c162

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
last-modified: Sat, 23 Oct 2021 16:31:04 GMT
server: nginx
etag: "617438c8-10212"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 66066
expires: Tue, 23 Nov 2021 02:01:19 GMT

GET
H2 200 ap_c9a998586dca470babbba4613fa97deb-e1634946155118-900x506.jpg
arizonasports.com/wp-content/uploads/2021/10/ 64 KB
64 KB 719ms
382ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arizonasports.com/wp-content/uploads/2021/10/ap_c9a998586dca470babbba4613fa97deb-e1634946155118-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bb25e61768a5ba1c613407d3500463b9c740a9e8c1df8ed7a4e7574191c3868c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
last-modified: Fri, 22 Oct 2021 23:42:36 GMT
server: nginx
etag: "61734c6c-fff3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 65523
expires: Tue, 23 Nov 2021 02:01:19 GMT

GET
H2 200 1397995_239048786263968_766305627_o-e1634926986574-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 69 KB
69 KB 279ms
275ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/1397995_239048786263968_766305627_o-e1634926986574-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e090e54bf5dcac92b59c233a85bbd497e38f6b8527947bef154a121d24ccccd2

Request headers

:path: /wp-content/uploads/2021/10/1397995_239048786263968_766305627_o-e1634926986574-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 22 Oct 2021 18:23:06 GMT
server: nginx
etag: "6173018a-11431"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 70705
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 The-Cubes-at-Mesa-Gateway-Aerial-Rendering-scaled-e1634843863731-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 103 KB
104 KB 279ms
275ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/The-Cubes-at-Mesa-Gateway-Aerial-Rendering-scaled-e1634843863731-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76a1297df4a557e5b8d8a5e283c4a25562f1f876523804e94b3748cb9e7b5171

Request headers

:path: /wp-content/uploads/2021/10/The-Cubes-at-Mesa-Gateway-Aerial-Rendering-scaled-e1634843863731-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Thu, 21 Oct 2021 19:17:45 GMT
server: nginx
etag: "6171bcd9-19d46"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 105798
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 jack-impossible-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 103 KB
104 KB 279ms
276ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/jack-impossible-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8039a6e5dd2ac0f215d2ddd0201faaea2cfbe542cac0dd2f46bb85fbce56a12a

Request headers

:path: /wp-content/uploads/2021/10/jack-impossible-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Thu, 21 Oct 2021 19:26:23 GMT
server: nginx
etag: "6171bedf-19dad"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 105901
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 21297-e1634753377682.jpg
ktar.com/wp-content/uploads/2021/10/ 42 KB
42 KB 279ms
276ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/21297-e1634753377682.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 53324e94c9ac0952ab3d3513dceab8eda460b6fc98e32bf17064e51dabeac979

Request headers

:path: /wp-content/uploads/2021/10/21297-e1634753377682.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Wed, 20 Oct 2021 18:09:38 GMT
server: nginx
etag: "61705b62-a81b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 43035
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 pexels-photo-4057758-e1634745528242-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 56 KB
57 KB 280ms
276ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/pexels-photo-4057758-e1634745528242-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 492c9ed7b6f4e4c5b4e2ef2872c01eeb05bc957f22daa5c87e48fac09c187252

Request headers

:path: /wp-content/uploads/2021/10/pexels-photo-4057758-e1634745528242-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Wed, 20 Oct 2021 15:58:49 GMT
server: nginx
etag: "61703cb9-e1e0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 57824
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_2bcbb9fe02724193b5b46cefd3c83db1-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 100 KB
100 KB 279ms
276ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_2bcbb9fe02724193b5b46cefd3c83db1-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 629d9424a4d1799da46c32d64e752daa3cdda36d6f9fcd70755c869060983c38

Request headers

:path: /wp-content/uploads/2021/10/ap_2bcbb9fe02724193b5b46cefd3c83db1-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sun, 24 Oct 2021 00:56:28 GMT
server: nginx
etag: "6174af3c-18f83"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 102275
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_c533172f96294988ad036919f45baac2-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 42 KB
42 KB 279ms
276ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_c533172f96294988ad036919f45baac2-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8646551c797052d42f39eff2790eab3e05e2b982ae3f1cff127c0532fbf61591

Request headers

:path: /wp-content/uploads/2021/10/ap_c533172f96294988ad036919f45baac2-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sun, 24 Oct 2021 01:38:21 GMT
server: nginx
etag: "6174b90d-a8c7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 43207
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_7c585c131c494b1e8dbfb39e06bc175a-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 123 KB
123 KB 279ms
276ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_7c585c131c494b1e8dbfb39e06bc175a-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 72c2f52f592e1995ff42f5419080fdba038ff4823937bd3019d94cc64f0300d8

Request headers

:path: /wp-content/uploads/2021/10/ap_7c585c131c494b1e8dbfb39e06bc175a-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sat, 23 Oct 2021 21:04:48 GMT
server: nginx
etag: "617478f0-1eab1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 125617
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 ap_8f232dbfd60b4c3abe7bb441fc2e6cf8-900x506.jpg
ktar.com/wp-content/uploads/2021/10/ 90 KB
90 KB 279ms
277ms Image
image/jpeg 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktar.com/wp-content/uploads/2021/10/ap_8f232dbfd60b4c3abe7bb441fc2e6cf8-900x506.jpg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6aa45a2e667b45c5e2d110b6d2679a98d57d817bcf79bdb050de0bdd4bdab256

Request headers

:path: /wp-content/uploads/2021/10/ap_8f232dbfd60b4c3abe7bb441fc2e6cf8-900x506.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ktar.com
referer: https://ktar.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Sat, 23 Oct 2021 19:41:53 GMT
server: nginx
etag: "61746581-16888"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000 public, max-age=31536000
accept-ranges: bytes
content-length: 92296
expires: Tue, 23 Nov 2021 02:01:18 GMT

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/ 325 KB
63 KB 29ms
29ms Script
application/javascript 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

614305ee414f9b73b89b32101c278293814beb310525293d2c24f35c1cd9de0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: Faq6ojkjeFBEt00AhvcPjA==
age: 445123
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:26:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: da0ac1ee-601e-0092-7f6e-c4bc9b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6a2f9dd36ff2fb5c-DUS
expires: Mon, 01 Nov 2021 02:01:18 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 34ms
19ms Font
application/octet-stream 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.7.3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.7.3
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 176798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S6Y%2BZ6z%2BNtXoJK4tdpI2%2FBcIOzynf7z%2F%2FIBrMSjahGvMF8s1gZHb1LLS7Z%2Bm2ofxhztWlxDCOaN9gg1TBBZun4QhpufoTgGm%2BJx5Y%2BPbjZCz1wsm6jcpcXCi%2FKGVsXIgQAnPkHJ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a2f9dd38b49fae5-DUS
expires: Fri, 14 Oct 2022 02:01:18 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 343ms
138ms Script
text/javascript 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fktar.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: aa576095141e634d0ea80baf05f573527ef65175834ec397596318398918e384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 750
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 pubads_impl_2021101901.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 62ms
21ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125444
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 08:35:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Oct 2021 02:01:18 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 123 B
707 B 58ms
23ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ktar.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

9c90decd6b56b50b940452832ba1225835e51c1bffe2e3f709a6f555522ecc06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0
expires: Sun, 24 Oct 2021 02:01:18 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/96d83517-a163-4ffe-9ea9-a4e9cd901cff/203a4fa3-a42e-4ca5-a0ff-8e699568899c/ 43 KB
11 KB 28ms
28ms Fetch
application/x-javascript 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/96d83517-a163-4ffe-9ea9-a4e9cd901cff/203a4fa3-a42e-4ca5-a0ff-8e699568899c/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db008e4be3499f0f4baefb2a3e3ac365a85628b6b903eeb6b121f6892a733354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: KDttNkP3fEVhSY2r6auEQw==
x-ms-lease-status: unlocked
last-modified: Tue, 30 Jun 2020 21:13:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cc10f965-a01e-0069-7ecb-8c0101000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6a2f9dd3dfc87160-DUS

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 74ms
41ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7J7KCG2FVK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0d17aba265080b084110ec4921e033211710c1fb3c8d1e85322484acc8ca05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49381
x-xss-protection: 0
expires: Sun, 24 Oct 2021 02:01:18 GMT

GET
H3

200

activityi;dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
10288467.fls.doubleclick.net/ Frame EA15
Redirect Chain

https://10288467.fls.doubleclick.net/activityi;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
https://10288467.fls.doubleclick.net/activityi;dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2...

480 B
407 B

70ms
38ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10288467.fls.doubleclick.net/activityi;dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

6772484872fc6dd37ba343bbeeea75b742e14e4d711664d24dce347cdadcd263

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10288467.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 24-Oct-2021 02:16:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10288467.fls.doubleclick.net/activityi;dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3

200

activityi;dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
10620649.fls.doubleclick.net/ Frame B258
Redirect Chain

https://10620649.fls.doubleclick.net/activityi;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
https://10620649.fls.doubleclick.net/activityi;dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2...

480 B
405 B

61ms
34ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10620649.fls.doubleclick.net/activityi;dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

9565e457057d5d5dba01ca8df012d40202673e7a2d91b6505a28467b3a58d560

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10620649.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 380
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 24-Oct-2021 02:16:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10620649.fls.doubleclick.net/activityi;dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3

200

activityi;dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
9445712.fls.doubleclick.net/ Frame D341
Redirect Chain

https://9445712.fls.doubleclick.net/activityi;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
https://9445712.fls.doubleclick.net/activityi;dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2...

481 B
407 B

37ms
36ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9445712.fls.doubleclick.net/activityi;dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

78bf2d1d89535409498d943275502f3f969aea6d85c3055f3ca4bce68f07a8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9445712.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 24-Oct-2021 02:16:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9445712.fls.doubleclick.net/activityi;dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3

200

activityi;dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
10625865.fls.doubleclick.net/ Frame DAE1
Redirect Chain

https://10625865.fls.doubleclick.net/activityi;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
https://10625865.fls.doubleclick.net/activityi;dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2...

480 B
407 B

38ms
38ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10625865.fls.doubleclick.net/activityi;dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

eb6dfc8d785524bfd2b29de27ecda680c59aec9482fcae32fa9e93ee24d7fb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10625865.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 24-Oct-2021 02:16:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10625865.fls.doubleclick.net/activityi;dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: vW2AF4JIbrhxaWera6GXbn6zWbyLEDOTUxO3y2J0g+fcQK+VMcOQxI7FQC0Y+PraEZ3Pa+cOovWgMt5VOsajiw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 24 Oct 2021 02:01:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 58ms
57ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9919737

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ae48df720df9b8676ce3c65cebddc80488451d3dd9431148d588bda62814cd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35656
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:01:18 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
578 B 42ms
13ms Image
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1456708&t=2

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:18 GMT
X-Proxy-Origin: 216.131.111.39; 216.131.111.39; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3d7fda5b-5fbd-4f14-a989-fcdf1244f504
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/ 23 KB
4 KB 18ms
17ms Fetch
application/json 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84153107c9783beb9cd872cea87403d57ef93bde35eb9c4e9432dfc9d594b94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: PMy/rO33ZxNqN5zz4lNYEg==
age: 426135
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:25:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f74cca65-a01e-0069-1c6e-c40101000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6a2f9dd4787b7160-DUS
expires: Mon, 01 Nov 2021 02:01:18 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/ 100 KB
18 KB 18ms
18ms Fetch
application/json 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/assets/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 24 Oct 2021 02:01:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: khu7UrcWK2GuRVvI036GCQ==
age: 243239
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jun 2020 21:25:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8296d372-401e-0095-316e-c4d0f8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6a2f9dd4787c7160-DUS
expires: Mon, 01 Nov 2021 02:01:18 GMT

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/cc267ab8871224bd/ 290 KB
290 KB 75ms
28ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

sffe /

Resource Hash

71173eb1cc84ee88adebf5552afaf335a6d6b2759d37b722b56f7d05c9abc1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 23:23:44 GMT
x-content-type-options: nosniff
age: 182254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 296486
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 21:05:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 21 Oct 2022 23:23:44 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/cc267ab8871224bd/ 41 KB
9 KB 70ms
23ms Stylesheet
text/css 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/cc267ab8871224bd/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 21:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9032
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 21:05:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 20 Oct 2022 21:05:02 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
4 KB 67ms
21ms Stylesheet
text/css 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=016901429690765427163:i60nfdckotw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:26:27 GMT
x-content-type-options: nosniff
age: 2091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 24 Oct 2021 02:16:27 GMT

GET
H3 200 418296865552530 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 63ms
54ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/418296865552530?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

d0b545535c8c37bf9e9c596800eec809e48fb2b1aeba24936d5553d70e496b2a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: RR4ZTzT7QLON2xdTZZG5/aoAkqgs9+ln0yEmU45J+XvxxYIvnWbLJxOH6R8CiWkomJJRnNYyDnuAlBhlOyrxcw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 24 Oct 2021 02:01:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
313 B 80ms
30ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7J7KCG2FVK&gtm=2oeak0&_p=939105914&sr=1600x1200&ul=en-us&cid=1848816137.1635040879&_s=1&dl=https%3A%2F%2Fktar.com%2F&dt=Home%20-%20KTAR.com&sid=1635040878&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7J7KCG2FVK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ktar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ktar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
9919737.fls.doubleclick.net/ Frame DEBC
Redirect Chain

https://9919737.fls.doubleclick.net/activityi;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
https://9919737.fls.doubleclick.net/activityi;dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com...

380 B
343 B

39ms
39ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9919737.fls.doubleclick.net/activityi;dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9919737

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

7e8350e4a058070a6b17f730e2648fb0296c9959fc2a9099ba90ee97e1b08783

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9919737.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
expires: Sun, 24 Oct 2021 02:01:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 318
x-xss-protection: 0
set-cookie: IDE=AHWqTUlsIrlSjoSGMXV16OkJlb_OkLAir0REx38ZKcotKseJTV0-qUrTZFycaRSxej8; expires=Fri, 18-Nov-2022 02:01:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9919737.fls.doubleclick.net/activityi;dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3

200

activityi;dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
9919737.fls.doubleclick.net/ Frame BDE8
Redirect Chain

https://9919737.fls.doubleclick.net/activityi;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
https://9919737.fls.doubleclick.net/activityi;dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%...

390 B
351 B

39ms
39ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9919737.fls.doubleclick.net/activityi;dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9919737

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

abff15e5e299deb81c44592d6aad331d851c246cac9f0c6167f7a1d9a4061ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9919737.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Sun, 24 Oct 2021 02:01:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 326
x-xss-protection: 0
set-cookie: IDE=AHWqTUl8tvlECDWgyzCbEbKZiqssJUNEm09gTHPTV2jSEcGqZyBUXoAw9vECDXA8Q2s; expires=Fri, 18-Nov-2022 02:01:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9919737.fls.doubleclick.net/activityi;dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 23ms
7ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418296865552530&ev=PageView&dl=https%3A%2F%2Fktar.com%2F&rl=&if=false&ts=1635040878977&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1635040878976.1808197000&it=1635040878806&coo=false&rqm=GET

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 24 Oct 2021 02:01:18 GMT

GET
H/1.1 200
OK 318665 Show response
api.secondstreetapp.com/audience_signup_widgets/ 3 KB
2 KB 394ms
95ms Script
text/javascript 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.secondstreetapp.com/audience_signup_widgets/318665?callback=secondStreetOptinWidget_318665
Requested by: Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-45.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d00df460ffc64663c41e6bce8b91d698eac4e1589c0dde647ac1e11fe8258b10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:02:21 GMT
Content-Encoding: br
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Age: 576
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 107
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|6a237f22-633d-4862-bafe-db6bd983cf82|C69601|CD66
Cache-Control: public, max-age=600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1249
Expires: Sun, 24 Oct 2021 02:01:44 GMT

GET
H2 200 dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame E1A3 479 B
453 B 62ms
25ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 10288467.fls.doubleclick.net
URL: https://10288467.fls.doubleclick.net/activityi;dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8fac43ee42261f7c5661cfcf61b6f14c25cc5739eb683b2795734e95499cbf7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10288467.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10288467.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame A2E0 479 B
820 B 61ms
24ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 10625865.fls.doubleclick.net
URL: https://10625865.fls.doubleclick.net/activityi;dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

dce12daa5be35bb8469cb609cb8a08a8e68c2517b5db07acbb6993184046be60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10625865.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10625865.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 7F50 480 B
446 B 62ms
26ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 9445712.fls.doubleclick.net
URL: https://9445712.fls.doubleclick.net/activityi;dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

6006bb78bc78e8f2f2636dfb8a6a95a85b4ff1f6368d2ff9dbe10123af6dd64a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9445712.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9445712.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame BE8D 479 B
452 B 61ms
25ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 10620649.fls.doubleclick.net
URL: https://10620649.fls.doubleclick.net/activityi;dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a23f0373c030d443873edaeae1c91df7e53542e4a066cb25302ad66aee65d819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10620649.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10620649.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 68ms
29ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding: gzip
etag: e2b905aea413c4d7479fb2bb9cbc6c65
age: 836
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0CMC8VSF44RZ9DG7HGBT
date: Sun, 24 Oct 2021 01:48:50 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xK73PmhctQAtUu_STKo53Rg4CLhfA0teDPkLVv_P7LeXNHhJOi0S3w==

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 65ms
20ms Script
text/javascript 74.125.140.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 3355
date: Sun, 24 Oct 2021 01:05:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17093
expires: Sun, 24 Oct 2021 03:05:24 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 weathericons-regular-webfont.woff
ktar.com/wp-content/plugins/weather-widgets/widgets/assets/fonts/ 39 KB
40 KB 139ms
139ms Font
font/woff 104.198.205.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/fonts/weathericons-regular-webfont.woff
Requested by: Host: ktar.com
URL: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/weather-icons.css?ver=1.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.205.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.205.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94df7590b4dad14ca1d32dc0713d4fd8290def36b9019313898bf10546e09f4f

Request headers

sec-fetch-mode: cors
origin: https://ktar.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: ntvSession={}; _gcl_au=1.1.1889839354.1635040879; _ga_7J7KCG2FVK=GS1.1.1635040878.1.0.1635040878.0; _ga=GA1.1.1848816137.1635040879; OptanonConsent=isIABGlobal=false&datestamp=Sun+Oct+24+2021+02%3A01%3A18+GMT%2B0000+(GMT)&version=6.2.0&consentId=ad9c919c-e256-4e1b-a4cc-9451a45a4730&interactionCount=0&landingPath=https%3A%2F%2Fktar.com%2F; _fbp=fb.1.1635040878976.1808197000
:path: /wp-content/plugins/weather-widgets/widgets/assets/fonts/weathericons-regular-webfont.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ktar.com
referer: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/weather-icons.css?ver=1.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ktar.com/wp-content/plugins/weather-widgets/widgets/assets/css/weather-icons.css?ver=1.2
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
last-modified: Tue, 17 Dec 2019 18:39:49 GMT
server: nginx
etag: "5df920f5-9dd8"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 40408

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 149 KB
53 KB 80ms
33ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__en.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

sffe /

Resource Hash

3343a45721d0de4e5337d0477f1f7e4e6b9236ff9eb2d9427283d0264df50d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
server: sffe
etag: "7536814481249537192"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-afs-ui"
expires: Sun, 24 Oct 2021 02:01:19 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 23ms
22ms Image
image/png 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 03:42:08 GMT
x-content-type-options: nosniff
age: 339551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 20 Oct 2022 03:42:08 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
149 B 141ms
23ms Image
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
102ms Image
image/gif 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8479325&ntv_pl=1119446
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 103ms
102ms Image
image/gif 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=a02be50e-38bf-4fef-a506-8d860f1552ac&ntv_fl=CF4se3gYGjAPzQcMJoAeWT7DODT5VmcFZkQoiyl71wzlwksj0jpdFFhIBoApPN03JiAbtgd65oM_cx2O60pv8cWpvSs7HKPXuklYqzbNBxhbcFd8LeP40JcLdAboYQRi_boIfxjg3UXFguN7GzKguN7UKHkjdiCxalMyvycq_766tdGye8661NOL-vbSjfTH&ntv_ht=br50YQA&ntv_at=303,302&ntv_a=AAAAAAAAAAJFwRA&ord=1635040879088&ntv_it
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 103ms
102ms Image
image/gif 54.146.124.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1137700&ntv_gdpr_consent=&ntv_it
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.124.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-124-230.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:539540237196:web:9422ab9022a60adbabc4a9/ 369 B
261 B 82ms
50ms Fetch
application/json 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:539540237196:web:9422ab9022a60adbabc4a9/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.7.0/firebase-analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

0d9048d0773313ba7746bcbed29ca2d18c339f7f0a3627e359de8f7146bf09c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://ktar.com/
x-goog-api-key: AIzaSyCFd4rYfG29NlfvpSsVhdGXch0PVWAbxDY
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ktar.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 238
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:539540237196:web:9422ab9022a60adbabc4a9/ Frame 0
0 90ms
41ms Preflight
text/html 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:539540237196:web:9422ab9022a60adbabc4a9/webConfig

Protocol

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-goog-api-key
Origin: https://ktar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://ktar.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: x-goog-api-key
access-control-max-age: 3600
date: Sun, 24 Oct 2021 02:01:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET count.json
urls.api.twitter.com/1/urls/ 0
0

GET
H3 200 dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F
adservice.google.com/ddm/fls/z/ Frame DEBC 42 B
63 B 64ms
30ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 9919737.fls.doubleclick.net
URL: https://9919737.fls.doubleclick.net/activityi;dc_pre=CMHcofb54fMCFUo-4AodqrsJbg;src=9919737;type=lp;cat=landi0;ord=6299182650101;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9919737.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F
adservice.google.com/ddm/fls/z/ Frame BDE8 42 B
63 B 63ms
33ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=*;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: 9919737.fls.doubleclick.net
URL: https://9919737.fls.doubleclick.net/activityi;dc_pre=CJHzo_b54fMCFfPTEQgdp2cNDA;src=9919737;type=remar0;cat=ktarc0;ord=1;num=2529472301643;gtm=2odak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9919737.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 16F5 194 B
242 B 94ms
32ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CNfSm_b54fMCFYjREQgdymAC4g;src=10625865;type=dv3600;cat=ktara0;ord=1;num=8332364826987;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Sun, 24 Oct 2021 02:01:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3

200

dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
9445712.fls.doubleclick.net/ddm/fls/r/ Frame E8ED
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar...
https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2...

859 B
524 B

35ms
34ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

da03b252f14ccb757f006891da428808723e460034b7bc09446eb26bd04dd93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9445712.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUl8tvlECDWgyzCbEbKZiqssJUNEm09gTHPTV2jSEcGqZyBUXoAw9vECDXA8Q2s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Sun, 24 Oct 2021 02:01:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 82A0 194 B
242 B 92ms
33ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CPLDmfb54fMCFVaB3godsQYPMA;src=10288467;type=arizo0;cat=ktarr0;ord=1;num=4045832422721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Sun, 24 Oct 2021 02:01:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 6BC8 194 B
794 B 88ms
31ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=COjpmvb54fMCFYnTEQgdz44Ccg;src=10620649;type=carol0;cat=ktara0;ord=1;num=1128589133721;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Sun, 24 Oct 2021 02:01:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1229051537&utmhn=ktar.com&utme=8(Static%20Page%22)9(News)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1848816137.1635040879&jid=996140440&_v=5.7.2dc&z=1229051537
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1848816137.1635040879&jid=996140440&_v=5.7.2dc&z=1229051537&slf_rd=1&random=3940536539

42 B
472 B

82ms
31ms

Image
image/gif

142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1848816137.1635040879&jid=996140440&_v=5.7.2dc&z=1229051537&slf_rd=1&random=3940536539

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-333933-4&cid=1848816137.1635040879&jid=996140440&_v=5.7.2dc&z=1229051537&slf_rd=1&random=3940536539
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
298 B 102ms
101ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fktar.com%2F&pubid=88f7e3c0-0e80-4be3-93dd-e2b13b353277
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:18 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://ktar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: k3Y_xh8kgc8K0xUvKnCN_s8enBHuDX54_fJqW3Zg1nRg-BvoSeNYGw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
487 B 49ms
48ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fktar.com%2F&pid=4Bxfm82Z4f279&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1034751%2Fktar_right_1%22%7D%5D&pubid=88f7e3c0-0e80-4be3-93dd-e2b13b353277&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: PVMXKFYVDQPF612ZB8WF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ktar.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: KXDpdjRE7KC1y4A2q-ND_wn7ts3uHwZRK5JwqeZHgylQ6pdroeCG7w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 37ms
11ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Sun, 24 Oct 2021 02:01:19 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: 5ZrSBOM0oPO8thP_Gbn3NRuowZckIw-IXVqLNPjvExmfXAj82NV4xA==

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ktar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 1765ms
1724ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879288&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=2863397737&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x433&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

c1a7a915e4fc2cc322d4999c340614da857f4b2b4cb91dd4f727ee58f73eb21c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8977
x-xss-protection: 0
google-lineitem-id: 5580998864
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138366043528
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 426 B
251 B 1750ms
1710ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_promo_box&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879294&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=2513822422&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x433&msz=300x100&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

bd1092bd9d7948bd6dad59e577665ff52e18bbe439af5c3cfb10a4660d8f27b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1752ms
1712ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879297&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=1657&adks=369802165&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

765622fd139915bae60e6cd2d772d7d9f4d5d72d7b3c6bc77b114f0ab52b1374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9268
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1430ms
1390ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879299&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=2230&adks=2094632039&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

62777e4974a37d52417b06f8b5509cddd365847b01459fe0172b7ed81c65b7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9266
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 2062ms
2023ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879302&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=2825&adks=3866149410&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

2cce0a1559780dc5bd1c41ebe7e7d7bb8243f1a9dc53a63210c7c09e5b9510ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10792
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 760ms
721ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879305&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=3591&adks=2202156113&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

fe6117141d60d9c06d701717bbb787438cc5d57ce4be1a606ceb1c77511d72ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9265
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 2396ms
2357ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879307&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=4186&adks=837428499&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

0492e8a1fdb06a29413e023320fe9605f6290548450d89ee99304a8b89de65d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10803
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 438ms
399ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879312&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=5136&adks=5695250&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

68c757e1b762b2b899b01eb70f7705ba33928cb1978939665bfb8c18bd6db53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10331
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1129ms
1091ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879316&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=5879&adks=2032827743&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ab3be8650d8b0e39f86ddbbae4eac472a10d0098b1e4221a31d8cc0ea59b9023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9261
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
245 B 2683ms
2644ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879319&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=6657&adks=448042562&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x250&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e53958190e28b894b4019cc931f9345af5f450363c1ec0824780ed5886be1d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ktar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DF5 6 KB
4 KB 110ms
28ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/bonneville-phoenix/ Frame 0
0 65ms
24ms Preflight
text/html 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bonneville-phoenix/installations

Protocol

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f106.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://ktar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://ktar.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Sun, 24 Oct 2021 02:01:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/bonneville-phoenix/ 578 B
474 B 334ms
314ms Fetch
application/json 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/bonneville-phoenix/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.7.0/firebase-analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f106.1e100.net

Software

ESF /

Resource Hash

59529a4d1e6fbcee24a57e2b815f975a3cd61e3823b51ae99eaedf85e9cd52eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://ktar.com/
x-goog-api-key: AIzaSyCFd4rYfG29NlfvpSsVhdGXch0PVWAbxDY
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ktar.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 451
x-xss-protection: 0

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame E8ED 45 KB
18 KB 82ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9445712.fls.doubleclick.net
URL: https://9445712.fls.doubleclick.net/ddm/fls/r/dc_pre=COvrm_b54fMCFb3TEQgdcEcNBg;src=9445712;type=invmedia;cat=allpa0;ord=1;num=5414654491970;gtm=2wgak0;auiddc=1889839354.1635040879;~oref=https%3A%2F%2Fktar.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

15f6865841563f9690aa73d93d6af4f80c0544d09b1c9f1479c44edd1bec5f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9445712.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17678
x-xss-protection: 0
server: cafe
etag: 7688520411956436205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Oct 2021 02:01:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EC7B 2 KB
436 B 57ms
29ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:10:06 GMT
server: ESF
date: Sun, 24 Oct 2021 02:01:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 24 Oct 2021 02:01:19 GMT

GET
H/1.1 200
OK 2044685
media.secondstreetapp.com/ Frame EC7B 12 KB
12 KB 378ms
99ms Image
image/png 54.197.229.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.secondstreetapp.com/2044685
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-45.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 41c99a3fe7353454939f9640d6f9cd8128e79b35511513f6d02175315c3eb8d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:01:19 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 102
Content-Type: image/png
X-StackifyID: V2|c5ccee0d-d5f3-4f6a-b389-255ebb9380c5|C69601|CD64
Cache-Control: public, max-age=31536000
Content-Length: 11958
Expires: Mon, 24 Oct 2022 02:01:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
41 KB 43ms
42ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5BSVRFW0T9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJT8PCK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b6c6f540f628a76b52f3fc70b9b62c2419dcf0e2483224911be363ac0974e861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42064
x-xss-protection: 0
expires: Sun, 24 Oct 2021 02:01:19 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EC49 0
18 B 16ms
7ms Document
text/plain 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ktar.com
URL: https://ktar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2819
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://ktar.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
cookie: fr=0fLJBKmCDGrSi2c0n..BhdL5u...1.0.BhdL5u.
Upgrade-Insecure-Requests: 1
Origin: https://ktar.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://ktar.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Sun, 24 Oct 2021 02:01:19 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame EC7B 30 KB
30 KB 54ms
23ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:58:13 GMT
x-content-type-options: nosniff
age: 169386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 02:58:13 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame EC7B 30 KB
30 KB 58ms
28ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ktar.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:58:13 GMT
x-content-type-options: nosniff
age: 169386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 02:58:13 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/735523585/ Frame E8ED 2 KB
1 KB 63ms
33ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/735523585/?random=1635040879502&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOvrm_b54fMCFb3TEQgdcEcNBg%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D5414654491970%3Bgtm%3D2wgak0%3Bauiddc%3D1889839354.1635040879%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9c8fbf98274be3eb7cfa748c3dabd4d7a7038aef165c97357935dc28972cbb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9445712.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 60ms
30ms Ping
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5BSVRFW0T9&gtm=2oeak0&_p=939105914&sr=1600x1200&ul=en-us&_fid=d6uotcK2uonJb_3UZBpN-L&cid=1848816137.1635040879&_s=1&dl=https%3A%2F%2Fktar.com%2F&dt=Home%20-%20KTAR.com&sid=1635040879&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5BSVRFW0T9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ktar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ktar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/735523585/ Frame E8ED
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735523585/?random=1146227640&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/735523585/?random=1146227640&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&...
https://www.google.de/pagead/1p-conversion/735523585/?random=1146227640&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...

42 B
64 B

74ms
40ms

Image
image/gif

142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/735523585/?random=1146227640&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOvrm_b54fMCFb3TEQgdcEcNBg%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D5414654491970%3Bgtm%3D2wgak0%3Bauiddc%3D1889839354.1635040879%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b750YeTfIcTQ7gPLtpo4&cid=CAQSKQCNIrLMujEiRi0oAjhTcRCEzRHO-uVTv236RJpnzE9PXBbtqrWJ_7li&random=252033268&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9445712.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/735523585/?random=1146227640&cv=9&fst=1635040879502&num=1&npa=1&label=yu_mCKHwl_QBEIHm3N4C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9445712.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOvrm_b54fMCFb3TEQgdcEcNBg%3Bsrc%3D9445712%3Btype%3Dinvmedia%3Bcat%3Dallpa0%3Bord%3D1%3Bnum%3D5414654491970%3Bgtm%3D2wgak0%3Bauiddc%3D1889839354.1635040879%3B~oref%3Dhttps%253A%252F%252Fktar.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b750YeTfIcTQ7gPLtpo4&cid=CAQSKQCNIrLMujEiRi0oAjhTcRCEzRHO-uVTv236RJpnzE9PXBbtqrWJ_7li&random=252033268&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB22 6 KB
3 KB 55ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DB22 0
0 57ms
56ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzL2Hb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoExgFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jgQwC7xrqmzIwjw7ovxRW1WQDvgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTY1NTY5NjQwMDU1MDMyGM_OBw&sigh=rcmYYuAI7eg&uach_m=[UACH]&cid=CAQSOwCNIrLM0NLITXMmRXfmOS3_bqZ5VeZ2frn74q1RS42EZW0OjnxHKEYGyHGOT_uM8pAXEzuUDoG3tkpmGAE
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame DB22 0
0 61ms
23ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gdz5hfs0sjrevgkpp736d6gpfgtphmm3nnkysdvddwvpq5vj65wbf64f8g81hf3nphy7m0zd2m82q9wpgw2dzazs6c6t3r39j78dkwmwjdj7wpx8eb2kcrkb0sx22tfrrntrhdm5fdqgbmcrsngc1v8wsnj8c9fwgdwcmhf16zzzhrqp7nxz0jz872nkg9qvetxzy115nmrx09fqrp40je7xnaav1nqh2qv3v9thqgq7x8y0xszekxc96v3ye0fgm012f558jx182w2wndwn445x8ktwfm3z9zqtpz5h8vb14y06s65kfc1xg5d8r1shcnmnhwa8ehggt14awvnqrn258aggmnrt58w1ftxkswea2ga1h7rdctab4dfw83sb80ckc592w&b=YXS-bwAGHF8K3rwTAAp9I_DNKwTW0U1jIvDUTw
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Oct 2021 02:01:19 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 611E 2 KB
3 KB 91ms
43ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k5s33ga4nv9706jhhzwmsyz4ya212dv4zhcayvpnvg9h07481qbjvryg703z8vpbgrk1hta6qa5e28zhcakh2esf9y9jdv2rq9dyfr912nnw59ypw7t3f45ba3zcw010qtbh7srf42nb8spxnrr2yeth8ykv29m0hp7h6fdmdkhf8qnb8pgyd612cmgm49tj1zc96yrndd0pqqnpc31p2azw5zgqrnhzz3k9yt83qrqy1svkq1nwjca9d9ajbkthgjhzf63pk3mjnwcvd1876ktemc9p1m1akhn4q95y97my1kdvdmtqdrftmhajscajwwsmse3gpefhana84e867ytf8bcq1651zwj82p99rzhp0hr39azkggf8esp78z4wznzh6z71fxe6yzygt4q5wvqwcwcrr6yhc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1323f55009c0f0d44210cce3b96990b5d56ded661defc48a114d3ad8abd83c01

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1k5s33ga4nv9706jhhzwmsyz4ya212dv4zhcayvpnvg9h07481qbjvryg703z8vpbgrk1hta6qa5e28zhcakh2esf9y9jdv2rq9dyfr912nnw59ypw7t3f45ba3zcw010qtbh7srf42nb8spxnrr2yeth8ykv29m0hp7h6fdmdkhf8qnb8pgyd612cmgm49tj1zc96yrndd0pqqnpc31p2azw5zgqrnhzz3k9yt83qrqy1svkq1nwjca9d9ajbkthgjhzf63pk3mjnwcvd1876ktemc9p1m1akhn4q95y97my1kdvdmtqdrftmhajscajwwsmse3gpefhana84e867ytf8bcq1651zwj82p99rzhp0hr39azkggf8esp78z4wznzh6z71fxe6yzygt4q5wvqwcwcrr6yhc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%26client%3Dca-pub-5965569640055032%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9ddb6bfc65aa-LHR
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DB22 3 KB
1 KB 87ms
29ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1828
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:30:51 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7D9B 1 KB
1 KB 48ms
13ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 18:26:41 GMT
expires: Sun, 24 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27278
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB22 120 KB
37 KB 71ms
43ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:01:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DB22 14 KB
7 KB 82ms
26ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:36:07 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DB22 22 KB
7 KB 86ms
29ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 16:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 16:23:19 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7D9B 35 B
463 B 25ms
8ms Image
image/gif 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaBSTM_sMMD6quSlEr8_4E&google_cver=1&google_push=AYg5qPJXv0jLaY_leWbF-PCV1rqSIDJWcGrtvdk21JcVsgOUcuuhT4nOYX5YIesh37-yFWF3e5xobWVDir3onyKvfrvYSIKXYC2C

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D9B
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI5X6hOYpW_ITmNom8__G6LHi9xTr52P5nXQjfwrzAZx9_UW625GYxrPzVGyA_Cw0TyiXiZpxC-_FbsNke7QGPOlb4QAvaAJw&google_gid=CAESEGqnl6nHQt8_Yusb0XCHbOc&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO_80osGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBJNVg2aE9ZcFdfSVRtTm9tOF9fRzZMSGk5eFRyNTJQNW5YUWpmd3J6QVp4OV9VVzYyNUdZeHJQelZHeUFfQ3cwVHlpWGlacHhDLV9GYnNOa2...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM1BnOUJMdThoY0xoYVM3RUZLMHBCNEVmWHpqVGs0RkstR0pSaVp0Zl85UQ==&google_push

170 B
188 B

27ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM1BnOUJMdThoY0xoYVM3RUZLMHBCNEVmWHpqVGs0RkstR0pSaVp0Zl85UQ==&google_push

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM1BnOUJMdThoY0xoYVM3RUZLMHBCNEVmWHpqVGs0RkstR0pSaVp0Zl85UQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D9B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

28ms
27ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJSDNMugWWMbtWO3-8Zjlyww8Z_QOURQYEe2yJxag32oe8LQqmZCTBPlyqdiDbIcQJsHNVCOKXZBjFUeRkYnLW91JjNki75UA

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJSDNMugWWMbtWO3-8Zjlyww8Z_QOURQYEe2yJxag32oe8LQqmZCTBPlyqdiDbIcQJsHNVCOKXZBjFUeRkYnLW91JjNki75UA
date: Sun, 24 Oct 2021 02:01:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D9B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELST1aZ_o0MHa3q32ztVGdA&google_cver=1&google_push=AYg5qPLhCq4ArbGvJoWfpHjW9jN45afTJ6Jzca1XO8f1xEnN19qGBMtYpCBmP9-l0Az1Gz202uT...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TDRIOFAtMVktM0VUMQ==&google_push=AYg5qPLhCq4ArbGvJoWfpHjW9jN45afTJ6Jzca1XO8f1xEnN19qGBMtYpCBmP9-l0Az1Gz202uTOD077Rcs7RI6pq-rHq4mcU0nUrQ

170 B
188 B

48ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TDRIOFAtMVktM0VUMQ==&google_push=AYg5qPLhCq4ArbGvJoWfpHjW9jN45afTJ6Jzca1XO8f1xEnN19qGBMtYpCBmP9-l0Az1Gz202uTOD077Rcs7RI6pq-rHq4mcU0nUrQ

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TDRIOFAtMVktM0VUMQ==&google_push=AYg5qPLhCq4ArbGvJoWfpHjW9jN45afTJ6Jzca1XO8f1xEnN19qGBMtYpCBmP9-l0Az1Gz202uTOD077Rcs7RI6pq-rHq4mcU0nUrQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 7D9B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 7D9B 43 B
296 B 61ms
20ms Image
image/gif 3.8.79.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDZla6Cxry2rX-VwWDjsRHE&google_cver=1&google_push=AYg5qPL3gtp-dfLLiVPYPSL_St4-b31gX45J7BQHulawcbpGYRFnaS1Gb7fuNG-oks_TX2NFjZZzyzee254lXt-OHzdmZCnQUxIgbg
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.79.110 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-79-110.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:19 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7D9B 0
203 B 59ms
23ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPYHgIwHiG9NloaRMqfboc3etHBviidFR6OLuip7-9TKb_nCvfow5RPJ3fQp9o_A

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame DB22 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7af7bcb99c847a3c73bd70aba0cf0cd7a27e8e21e87cc44f26941da6ac8d836b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 611E 64 KB
8 KB 60ms
37ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k5s33ga4nv9706jhhzwmsyz4ya212dv4zhcayvpnvg9h07481qbjvryg703z8vpbgrk1hta6qa5e28zhcakh2esf9y9jdv2rq9dyfr912nnw59ypw7t3f45ba3zcw010qtbh7srf42nb8spxnrr2yeth8ykv29m0hp7h6fdmdkhf8qnb8pgyd612cmgm49tj1zc96yrndd0pqqnpc31p2azw5zgqrnhzz3k9yt83qrqy1svkq1nwjca9d9ajbkthgjhzf63pk3mjnwcvd1876ktemc9p1m1akhn4q95y97my1kdvdmtqdrftmhajscajwwsmse3gpefhana84e867ytf8bcq1651zwj82p99rzhp0hr39azkggf8esp78z4wznzh6z71fxe6yzygt4q5wvqwcwcrr6yhc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k5s33ga4nv9706jhhzwmsyz4ya212dv4zhcayvpnvg9h07481qbjvryg703z8vpbgrk1hta6qa5e28zhcakh2esf9y9jdv2rq9dyfr912nnw59ypw7t3f45ba3zcw010qtbh7srf42nb8spxnrr2yeth8ykv29m0hp7h6fdmdkhf8qnb8pgyd612cmgm49tj1zc96yrndd0pqqnpc31p2azw5zgqrnhzz3k9yt83qrqy1svkq1nwjca9d9ajbkthgjhzf63pk3mjnwcvd1876ktemc9p1m1akhn4q95y97my1kdvdmtqdrftmhajscajwwsmse3gpefhana84e867ytf8bcq1651zwj82p99rzhp0hr39azkggf8esp78z4wznzh6z71fxe6yzygt4q5wvqwcwcrr6yhc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221145
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9ddc283a5440-LHR
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 611E 36 KB
13 KB 42ms
28ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k5s33ga4nv9706jhhzwmsyz4ya212dv4zhcayvpnvg9h07481qbjvryg703z8vpbgrk1hta6qa5e28zhcakh2esf9y9jdv2rq9dyfr912nnw59ypw7t3f45ba3zcw010qtbh7srf42nb8spxnrr2yeth8ykv29m0hp7h6fdmdkhf8qnb8pgyd612cmgm49tj1zc96yrndd0pqqnpc31p2azw5zgqrnhzz3k9yt83qrqy1svkq1nwjca9d9ajbkthgjhzf63pk3mjnwcvd1876ktemc9p1m1akhn4q95y97my1kdvdmtqdrftmhajscajwwsmse3gpefhana84e867ytf8bcq1651zwj82p99rzhp0hr39azkggf8esp78z4wznzh6z71fxe6yzygt4q5wvqwcwcrr6yhc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50017
x-guploader-uploadid: ADPycdsHPR-0WbrwHtujO57kxTC7JXJB_18UorWbtnrU5Mmrm4TUzFm5j6AIGdBgm2flZgscAhO03gaj1f-kZVRpf84U89SF1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:57 GMT
server: cloudflare
etag: W/"8117c73fc4e946a604517e9066dbb583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVYdp%2BF12rulOgbxQ6A0vCz2jANSj7xRxzwJEyTUEJso8B0478KdQUVQ4cY%2FHia0BT01lK8y1nMuB%2Bj4tSRLsjfMBQ%2FQ6gCN7R1C8WUsE7LKF%2B0T%2FTKlBD8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729216993678
content-type: application/javascript; charset=utf-8
expires: Sat, 23 Oct 2021 12:07:43 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11927
cf-ray: 6a2f9ddc1c8765aa-LHR
cf-bgj: minify

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 611E 3 KB
4 KB 73ms
25ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933392
x-guploader-uploadid: ADPycdsUBSwxHn4phaM_fSMzz8i8mhDMWYE4fTZXaieEYLTAiiTVYLRZgbXnHhlSIji6E0ietJ-1qYTcbg2dUf3sGaA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lPrMFJo8uo9H2%2BCOx7DSAZ105MHw3CzErfLc7T%2BdoxrQlfAyoqa3JD6dfikM0Tn9RH4D4eBT0cl0%2BWd8LUwyZp5SPYRyArz%2FebB7uwP4rYGqF%2Fa4eFZdA8RigT%2FqDKWB1gJ%2BnFi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a2f9ddcbd2c656a-LHR
expires: Thu, 13 Oct 2022 06:44:48 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 86D8 2 KB
2 KB 28ms
28ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UyU28B2efLnalLRJpp1c98cvyZKzhwanAq9kVA0wrp9DwnzPDrTmei-CKOE5AaTSC-WvgX_eUP8wMH2DdM5rYKGETrUOQ
expires: Sun, 24 Oct 2021 03:01:20 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2517966
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9H%2FQf5iHnUyoBMirLfkegs1XCfrxgmzZjfOaA9y9AfUrU2KvugO%2FRc7bwUhkYFTAmWQFOHQqWShshtvYBqkyRIK2AhESnaXAyyqTeM5O8Wj25pw2VwJTH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a2f9ddc788c5440-LHR
content-encoding: br

GET
H3 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6A37 6 KB
3 KB 24ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 200 rs Show response
ad4m.at/ Frame 611E 1 KB
2 KB 45ms
44ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ab8e746cba0898c243fb4c5465a76ca601f0697e7f04851b316402261ec08c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a2f9ddd190a20ef-LHR
date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKPhkiFQTD2T%2B9rGkzoG%2FbATHr2WWB7deKJ8ud7B0ia9DjDFgz4451eNzQqO0mSVKuJ6H7XyXIsjKVGwNXKPapVimKYCUEjpqe9C4Tuvvfk%2BbWA0YBXWjhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vw8k

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 59ms
35ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vw8k
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYdSIP5iU%2FxOknwNj7hxzmH4VNQIYU21E7ZHxXU77D7Pt5xYSfMORTznRL%2FbjvWbL8klejbjoH7f%2FX2D06cvSjoOrqVX7BwWpp177ZwySrqhWRL8hHHzcsY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2f9ddce8e120ef-LHR

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6A37 0
0 60ms
60ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChCnNb750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMYBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4g26wHF7Y_L4MKj9WY8LaKUzj4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTk2NTU2OTY0MDA1NTAzMhjPzgc&sigh=_sIZeVWCSug&uach_m=[UACH]&cid=CAQSPACNIrLMB-aZ7QSZx1m-dHIyfA5Mit-ts5Jia6CX9Tbx-0n-8BkzAsBiHJbmAJwtlg2U-K4zkKI6QsNdwxgB
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6A37 0
0 23ms
23ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g3aezvs3f3nxbhvq2z8emk4kvkk2mwnb14gy88pctsnwjz1yg8092ana05g737wc911bg771p273xy8sccpnrwk3j5ch15rczysqeb3mrb0hmm5a03q9ja1py8r92wcqye3jx67nsxt98p176ab9gabpfww3eh4c5egvf1nda92srty9hq7afkf2vnqhmjbfvf1n57ma0gsq9gn360ej9t7mcx196d1sdn8vj4efhhmwncsf0j22m1bn16azajrkyw4dvjtah640fgnbfhsqbrmzb5zjhawv9mawj2mhajppzbqej7g7arvm9env85g5hvact1btzt96w943bkr3bw5cwj3b70hj43df2ap310zcg6vdkr26xkvnzw13f98eh698hpmc4&b=YXS-bwALVfsIEdVGAAaZs3f0ie4dBVALreOlxg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 40C3 2 KB
2 KB 44ms
43ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k9ew4hb2acc95sq371ff5r479g5ezhs6n7dq3seam2v4acxybqc11192wy05gz5sf62cw5yggg1py52v9gxvnvje3pe9swtt639gdrwffbxxejkryvyag1wp2rk8s7k2fmztq8axs9r994a9kx0xeee30srnkb4dpr6q7559b82dmqqgsmmm2ew48a7m6qv2s5r1mvb5h7q8cz3vtnxymhdjnwn9vtr2w1kcnxfy1rjde2etrep00mq5wqe74tabnhs0jt9rx9dw5skk4rr9whm8kmhsgth9t7z5v6maw3b0jb58433agc2jav9xacv28kendkvy8nxg50a0szkk92bxq56sg5v0zsf91qg03f1vbj8pfbhstrtpfe0fvm7rxn2a9j172jwxvdjpr6j2nmz5zabeywwew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

209a1b9baba60745de39212ffa8ca6ee39b76644869e49c7778bef5d25cf764a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1k9ew4hb2acc95sq371ff5r479g5ezhs6n7dq3seam2v4acxybqc11192wy05gz5sf62cw5yggg1py52v9gxvnvje3pe9swtt639gdrwffbxxejkryvyag1wp2rk8s7k2fmztq8axs9r994a9kx0xeee30srnkb4dpr6q7559b82dmqqgsmmm2ew48a7m6qv2s5r1mvb5h7q8cz3vtnxymhdjnwn9vtr2w1kcnxfy1rjde2etrep00mq5wqe74tabnhs0jt9rx9dw5skk4rr9whm8kmhsgth9t7z5v6maw3b0jb58433agc2jav9xacv28kendkvy8nxg50a0szkk92bxq56sg5v0zsf91qg03f1vbj8pfbhstrtpfe0fvm7rxn2a9j172jwxvdjpr6j2nmz5zabeywwew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%26client%3Dca-pub-5965569640055032%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9ddce8c35440-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 6A37 3 KB
1 KB 65ms
31ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:30:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 61EB 1 KB
749 B 38ms
17ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 18:26:41 GMT
expires: Sun, 24 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27279
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A37 120 KB
37 KB 33ms
32ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:01:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 6A37 14 KB
6 KB 56ms
24ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:36:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6A37 0
0 30ms
29ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDO2rWsEB3l_BeRhqw3Yo7zGiBeNeuJEKR4pxwcZifVhXWA8wxcgzASRZJo1QikHn4C_pJkOEluRhdpa1S1Vih8NbJIw
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6A37 22 KB
7 KB 63ms
31ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 16:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 16:23:19 GMT

GET
DATA 200
OK truncated
/ Frame 6A37 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dee84d8b9ff12655d177a5a253e5dc4187058a9a0ea8e7355838feae515cd529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 40C3 64 KB
8 KB 50ms
49ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k9ew4hb2acc95sq371ff5r479g5ezhs6n7dq3seam2v4acxybqc11192wy05gz5sf62cw5yggg1py52v9gxvnvje3pe9swtt639gdrwffbxxejkryvyag1wp2rk8s7k2fmztq8axs9r994a9kx0xeee30srnkb4dpr6q7559b82dmqqgsmmm2ew48a7m6qv2s5r1mvb5h7q8cz3vtnxymhdjnwn9vtr2w1kcnxfy1rjde2etrep00mq5wqe74tabnhs0jt9rx9dw5skk4rr9whm8kmhsgth9t7z5v6maw3b0jb58433agc2jav9xacv28kendkvy8nxg50a0szkk92bxq56sg5v0zsf91qg03f1vbj8pfbhstrtpfe0fvm7rxn2a9j172jwxvdjpr6j2nmz5zabeywwew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k9ew4hb2acc95sq371ff5r479g5ezhs6n7dq3seam2v4acxybqc11192wy05gz5sf62cw5yggg1py52v9gxvnvje3pe9swtt639gdrwffbxxejkryvyag1wp2rk8s7k2fmztq8axs9r994a9kx0xeee30srnkb4dpr6q7559b82dmqqgsmmm2ew48a7m6qv2s5r1mvb5h7q8cz3vtnxymhdjnwn9vtr2w1kcnxfy1rjde2etrep00mq5wqe74tabnhs0jt9rx9dw5skk4rr9whm8kmhsgth9t7z5v6maw3b0jb58433agc2jav9xacv28kendkvy8nxg50a0szkk92bxq56sg5v0zsf91qg03f1vbj8pfbhstrtpfe0fvm7rxn2a9j172jwxvdjpr6j2nmz5zabeywwew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221145
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9ddd69185440-LHR
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 40C3 36 KB
13 KB 30ms
29ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k9ew4hb2acc95sq371ff5r479g5ezhs6n7dq3seam2v4acxybqc11192wy05gz5sf62cw5yggg1py52v9gxvnvje3pe9swtt639gdrwffbxxejkryvyag1wp2rk8s7k2fmztq8axs9r994a9kx0xeee30srnkb4dpr6q7559b82dmqqgsmmm2ew48a7m6qv2s5r1mvb5h7q8cz3vtnxymhdjnwn9vtr2w1kcnxfy1rjde2etrep00mq5wqe74tabnhs0jt9rx9dw5skk4rr9whm8kmhsgth9t7z5v6maw3b0jb58433agc2jav9xacv28kendkvy8nxg50a0szkk92bxq56sg5v0zsf91qg03f1vbj8pfbhstrtpfe0fvm7rxn2a9j172jwxvdjpr6j2nmz5zabeywwew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50017
x-guploader-uploadid: ADPycdsHPR-0WbrwHtujO57kxTC7JXJB_18UorWbtnrU5Mmrm4TUzFm5j6AIGdBgm2flZgscAhO03gaj1f-kZVRpf84U89SF1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:57 GMT
server: cloudflare
etag: W/"8117c73fc4e946a604517e9066dbb583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIe%2BhxDHhEAB1E5Tf6AjVIwOGz7f1nP%2BQfbUdp2EfzGKVXmZSpW8SW%2F%2BxC41vJMZ1HLHN0E1fpY%2Bau9ezWUCpiNdLav2Vlqjp4Lx6cvMZjFDcqeGcFD9Ccs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729216993678
content-type: application/javascript; charset=utf-8
expires: Sat, 23 Oct 2021 12:07:43 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11927
cf-ray: 6a2f9ddd69195440-LHR
cf-bgj: minify

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 61EB
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaBSTM_sMMD6quSlEr8_4E&google_cver=1&google_push=AYg5qPK8eBZY5S0NJL5Ve7XwPgSnC7ZSLU8P8WLYVzaVjN3eg-9AuqRgc1...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8eBZY5S0NJL5Ve7XwPgSnC7ZSLU8P8WLYVzaVjN3eg-9AuqRgc1TptjJNsZ1I-Q9tCnQc-tC1ofX7v1mDruqDjhDgFd8&google_hm=9n3IIE4...

170 B
188 B

31ms
31ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8eBZY5S0NJL5Ve7XwPgSnC7ZSLU8P8WLYVzaVjN3eg-9AuqRgc1TptjJNsZ1I-Q9tCnQc-tC1ofX7v1mDruqDjhDgFd8&google_hm=9n3IIE4mOFQX4alZxvZjuA

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK8eBZY5S0NJL5Ve7XwPgSnC7ZSLU8P8WLYVzaVjN3eg-9AuqRgc1TptjJNsZ1I-Q9tCnQc-tC1ofX7v1mDruqDjhDgFd8&google_hm=9n3IIE4mOFQX4alZxvZjuA
pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 61EB 0
12 B 27ms
26ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KigQLvbckNYDCsOqp4JD0rM7u31Dtx

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F534 7 KB
4 KB 45ms
45ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9668ea9af9ccd9136f5da46260b11c5a77fe7803dad2339ada7f9c5a26f5adf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1k5s33ga4nv9706jhhzwmsyz4ya212dv4zhcayvpnvg9h07481qbjvryg703z8vpbgrk1hta6qa5e28zhcakh2esf9y9jdv2rq9dyfr912nnw59ypw7t3f45ba3zcw010qtbh7srf42nb8spxnrr2yeth8ykv29m0hp7h6fdmdkhf8qnb8pgyd612cmgm49tj1zc96yrndd0pqqnpc31p2azw5zgqrnhzz3k9yt83qrqy1svkq1nwjca9d9ajbkthgjhzf63pk3mjnwcvd1876ktemc9p1m1akhn4q95y97my1kdvdmtqdrftmhajscajwwsmse3gpefhana84e867ytf8bcq1651zwj82p99rzhp0hr39azkggf8esp78z4wznzh6z71fxe6yzygt4q5wvqwcwcrr6yhc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%26client%3Dca-pub-5965569640055032%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k5s33ga4nv9706jhhzwmsyz4ya212dv4zhcayvpnvg9h07481qbjvryg703z8vpbgrk1hta6qa5e28zhcakh2esf9y9jdv2rq9dyfr912nnw59ypw7t3f45ba3zcw010qtbh7srf42nb8spxnrr2yeth8ykv29m0hp7h6fdmdkhf8qnb8pgyd612cmgm49tj1zc96yrndd0pqqnpc31p2azw5zgqrnhzz3k9yt83qrqy1svkq1nwjca9d9ajbkthgjhzf63pk3mjnwcvd1876ktemc9p1m1akhn4q95y97my1kdvdmtqdrftmhajscajwwsmse3gpefhana84e867ytf8bcq1651zwj82p99rzhp0hr39azkggf8esp78z4wznzh6z71fxe6yzygt4q5wvqwcwcrr6yhc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9ddd69215440-LHR
content-encoding: br

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 40C3 3 KB
4 KB 46ms
24ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933392
x-guploader-uploadid: ADPycdsUBSwxHn4phaM_fSMzz8i8mhDMWYE4fTZXaieEYLTAiiTVYLRZgbXnHhlSIji6E0ietJ-1qYTcbg2dUf3sGaA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XM5xJ0B73grGuUDKichHiGXaL20Pt4lrPVeE29Pzi84g6BPiRespN2Q2mfhni9zYxYyFwH5xhs6%2BnC2eaWE50x5xoPAEesG62%2FZ7J802ZomeKg8WGe9KPYE8195U9wR8SVZp3g3Q"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a2f9dddee8940b3-LHR
expires: Thu, 13 Oct 2022 06:44:48 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 26E8 2 KB
2 KB 29ms
28ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UyU28B2efLnalLRJpp1c98cvyZKzhwanAq9kVA0wrp9DwnzPDrTmei-CKOE5AaTSC-WvgX_eUP8wMH2DdM5rYKGETrUOQ
expires: Sun, 24 Oct 2021 03:01:20 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2517966
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuzQlIFlnrhhSdcICLZPNjUHxcBBvngItt5SsHfyCShWOmM6tcehrJRwhSPrrN0UbvOBgvuD21tK1fYEZIHjF%2BNXJb5Nh04pgZs4TNpWI3vN2AortS3EysY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a2f9dddc9555440-LHR
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame F534 64 KB
8 KB 32ms
32ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221145
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9dddc9565440-LHR
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame F534 18 KB
19 KB 55ms
45ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277078
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdtmgGbBA7capQE06y6GnN8LDk10_BxpOom-UZIs5BeLhzpQuUs6df9DIW1OaOcozOlSDjTemw1lEvQrh8pVcp8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6CFaGBdmr%2FO8FsnfH%2BklvFOC6OK1SvGODY4WvexYVk4OmPI8lPePxJbsUSt2qO6ZheQXMoO00IQOpGJSZDSn%2FTPtIBKme86JQmCckspYEBvIMQ0VtHATbIMfLGPiEo9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6a2f9dddde5965aa-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame F534 2 KB
2 KB 54ms
45ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277078
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdsI1u40v0FOHIr3c5t4HYsNf47bYSLqO5XjYFCsXVgD2NpvuNh0ASNvWghDcdhxAxLiSvbnsMm4YulUMK5vs_8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFqZcF%2BgmBnQFphSKd7%2FWNO24q1oinENAdhGepjCSgWiMi9XMhCGNjVpfbuYLH0yg9TI0Qb%2BvNhJLGD2bXRMy9bGOzL5sHuDsSY%2FTgzohvG4FiTW6qiDOerfB8bs7L9%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 6a2f9dddde5a65aa-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F534 43 B
702 B 64ms
34ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:20 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame F534 38 KB
38 KB 54ms
45ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279778
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycduTADbe4QTWpksLMkOeUhXyLX1DlpTK_kgnQFH2U23-o3-C58FP6P6mrvC9eP7H1hgi_Hwm2-lZu_PBShMSBV8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2et6KVbxlr40w22IB4aRPXsUxCeBhTk55H0lu2M54jNfgwjv%2BszwCc4o5Y5svPsh9ZY%2BsTeZ0T%2FVWbD2LClUIqYbXqv1uZ7KbNhx7WclZszhgdiNKfh2jTEWTZA%2Fg%2BV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6a2f9dddde5e65aa-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame F534 84 KB
84 KB 34ms
25ms Image
image/jpeg 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1687992
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdtb35ogKLAp-WRUwkDvfLFmpZgpoSjSXjdkQChuI80UktbEaVSd2EWPTT8xw6NKhvySWAmNJ46zGz4HjOzmlzoI4V4TiA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85737
expires: Mon, 25 Oct 2021 02:01:20 GMT
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9x5yW7EImWKxxu09TiUVxt6Y%2FBWlCmSpJTBoqoq0qlhnx9jFD9caJhJ7MaV9m63cMBxwiPuZA4UWFyJDYlU%2Bz9dNo0lSehpFA9yxKyHKV8%2Bm4khUB2KGp8Y6yLHypUF"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
access-control-allow-origin: *
content-type: image/jpeg
access-control-expose-headers: Content-Type, Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6a2f9dddde5b65aa-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame F534 8 KB
9 KB 54ms
45ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277085
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsHCApW0lOlefku3GjA7I0qCCp15e9jDB4yO4RzQRIHB5G9jjxHwswHAZwkzHHhj3idzl-_-C3_ePUuPo1szhNqhnn76A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cuom2h%2FJMcZANMoWxOPDobu2VcCb3k%2FPBox86blH9rtnKqk9vknxflfKfYp4XvEIPnv4jni5fbPN28z%2BTUBUcZ8X9RSt7g3wvrAufghNscuNmfWup7gMvkIvemaf4Sos"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6a2f9dddde5d65aa-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame F534 30 KB
30 KB 53ms
44ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933386
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdsJ2Us9hfCbsZ5CITOmHq-7wG4TeM1v6jA4Xp8EXdxIkw3EjFX7SC4jfzs-gnuBR8uV8172DkEJ69fPU8m-csM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qalxkPi57O6qT49DAIrOqdubnCMfu82hulCIWW6pT3Qf0uE5o33c5ROzLehypb%2FhgNTvGyyReZUzdsIJtr%2FJ0OUTWduDX2IcRaoinh322856hiI9RExHunAvLDWqMBhy"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6a2f9dddde5865aa-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame F534
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMyE9Pb54fMCFeWC_QcdZCYJFg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040880_48319a60-346e-11ec-bab3-2265a16f2a26

0
517 B

37ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040880_48319a60-346e-11ec-bab3-2265a16f2a26
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:20 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 24 Oct 2021 02:01:20 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040880_48319a60-346e-11ec-bab3-2265a16f2a26
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame F534 1 KB
2 KB 196ms
100ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fponeid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 54c8961996a386de0648a25e6ad3e22b8b9c710c92ccec188dbe7b90f3d28f66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:20 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:20 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1300
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 40C3 1 KB
2 KB 37ms
36ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c785e2f7a197d01f41afd5667f4895dc13a7e6963413f65f99c2083d677ff1a5

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a2f9dde69ec20ef-LHR
date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8f%2BNjIgo1Qy%2BM6mVDkpz0FXVxABS4QrrNaERRg5%2F3W0R28oeInQUidqV2oLtK4DN4MDSyW7Gx3VR23YCwPY7QHp1z6ZEFgCK4XElP6IqZ329mtFhvwfjCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vw8k

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
36ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vw8k
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCZDn50Re2we34yK3Qi0io5i6EzABiCwAD6icYfi0Z04pvvpLNeF9o%2B7LOB6bP%2ByTtJPouNHwX31F3agh80g6SuCNeg5rOVbSL6A7qemdSjIBjb%2B0UUIero%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2f9dde29bf20ef-LHR

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2CDA 6 KB
4 KB 46ms
45ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

766c5335d6bdb934f5286b284ac1b0e3e07650e49212b7bf4a92eea0cd3e62b6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1k9ew4hb2acc95sq371ff5r479g5ezhs6n7dq3seam2v4acxybqc11192wy05gz5sf62cw5yggg1py52v9gxvnvje3pe9swtt639gdrwffbxxejkryvyag1wp2rk8s7k2fmztq8axs9r994a9kx0xeee30srnkb4dpr6q7559b82dmqqgsmmm2ew48a7m6qv2s5r1mvb5h7q8cz3vtnxymhdjnwn9vtr2w1kcnxfy1rjde2etrep00mq5wqe74tabnhs0jt9rx9dw5skk4rr9whm8kmhsgth9t7z5v6maw3b0jb58433agc2jav9xacv28kendkvy8nxg50a0szkk92bxq56sg5v0zsf91qg03f1vbj8pfbhstrtpfe0fvm7rxn2a9j172jwxvdjpr6j2nmz5zabeywwew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%26client%3Dca-pub-5965569640055032%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k9ew4hb2acc95sq371ff5r479g5ezhs6n7dq3seam2v4acxybqc11192wy05gz5sf62cw5yggg1py52v9gxvnvje3pe9swtt639gdrwffbxxejkryvyag1wp2rk8s7k2fmztq8axs9r994a9kx0xeee30srnkb4dpr6q7559b82dmqqgsmmm2ew48a7m6qv2s5r1mvb5h7q8cz3vtnxymhdjnwn9vtr2w1kcnxfy1rjde2etrep00mq5wqe74tabnhs0jt9rx9dw5skk4rr9whm8kmhsgth9t7z5v6maw3b0jb58433agc2jav9xacv28kendkvy8nxg50a0szkk92bxq56sg5v0zsf91qg03f1vbj8pfbhstrtpfe0fvm7rxn2a9j172jwxvdjpr6j2nmz5zabeywwew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9ddeaa085440-LHR
content-encoding: br

GET
H3 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 122F 6 KB
3 KB 24ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 2CDA 64 KB
8 KB 49ms
48ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221145
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9ddf0a475440-LHR
cf-bgj: minify

GET
H3 200 D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 2CDA 6 KB
7 KB 49ms
49ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276981
cf-polished: origFmt=png, origSize=17428
x-guploader-uploadid: ADPycduEjOT4vTxBjSvC6bd-vQx0NVSNAaTB67vUxynUBdCJlajRIvYPgOvFBwp_afWzxb-uD5vtpk3LF0rTcK0rmtqdY1IYmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6390
last-modified: Wed, 18 Aug 2021 10:34:33 GMT
server: cloudflare
etag: "26c84ef9c719f5cf615a799a8667d2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHKuZxQTz7vJfHdtfDhAkxEXG4RYnhfvbqQ4bPE9v6IahMJyr3mIZ8SSVZ76sq3mPBw4Ec%2Bu8jIfrBZ0nl6CwnCVllx2jqbBQubv1ctH4664SN28zN9C0iI91AN5vv2M"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629282873725600
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 17428
accept-ranges: bytes
cf-ray: 6a2f9ddf0a485440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 2CDA 28 KB
29 KB 27ms
26ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020523
cf-polished: qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid: ADPycdvLLur8lBkGkcquGrC4NKeaWwPa006KmwCKgUOQETOuiFtUjog6fvwBpWz2ivyIQDEciQ6vhUXt53vvgQPS_aE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28448
last-modified: Tue, 03 Aug 2021 12:47:14 GMT
server: cloudflare
etag: "6d92776609fcae3d35627b3987f9b1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fvy6q%2BvOMTNeV%2FmxHgQIDvIeByopFPaTiQVg%2FHhtHA7T52RPhyEkNePFEo16e3LEzUVg1bEtW5ks%2BTU8iy80sYhHgOZA6%2BNK3ebBJKOoGb1U5%2B2s4IDlXBKmCy9Gu4Sz"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627994834652806
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 82379
accept-ranges: bytes
cf-ray: 6a2f9ddf0a495440-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 tsv
neso.r.niwepa.com/ts/i5542019/ Frame 2CDA 43 B
464 B 98ms
29ms Image
image/gif 35.187.117.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneidzmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFWoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.187.117.15 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.117.187.35.bc.googleusercontent.com

Software

nginx/1.13.9 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
last-modified: Sun, 24 Oct 2021 02:01:20 GMT
server: nginx/1.13.9
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 2CDA 9 KB
10 KB 48ms
47ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294844
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdt5N589VDZQecrLqlwlThMaYcviQ6Ery5caYO14gu1luj3NrIl9iLWvNFQGc68iRg4jDotS50BnsxS9KmmVsBNGxNju0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mxq57Q3A2qzVMuPhgiNTnm4FGtasOdG401nYWVm9CUxVxTcCPjiGutVx5CjtRXpiGfGm5cWD9Yxh5t7dz1f%2BQ5Bq8z5UHAmF3%2Fl6gp0KUYi9leE7hydoUC3tsdlAn%2Bd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6a2f9ddf0a4a5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 2CDA 19 KB
20 KB 49ms
47ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290685
cf-polished: qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid: ADPycdtm4Ph-TMXHOv0jIEPBIJlrfROjfXgMK_EgBC5nX96oEF8h_r2DTsECeKvK_jlCHmqD4ckgS-kDjw6ntHjLf5KywIxAlA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19022
last-modified: Tue, 19 Oct 2021 10:45:40 GMT
server: cloudflare
etag: "9c16b18e2ed1720d4bac78685793f74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gizQsl0Ou24JkOj%2BYXtmQ0hdD32Ln53w1fp0RitoWJbY1NP4yUgCpVa2nOzV%2FikEZfjtblSsGGH4iksErqCXZEkYHaBZXvGGmHT5ufdKn46PJ%2F2oerRALyJs8LN8jAR"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634640340621224
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 84530
accept-ranges: bytes
cf-ray: 6a2f9ddf0a4b5440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame 2CDA
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021102404012057588070149X113752V1225131106MSoneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE1...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211024040120575880701...

43 B
753 B

31ms
9ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021102404012057588070149X113752V1225131106MSoneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=113752
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:01:20 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sun, 24 Oct 2021 02:01:20 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021102404012057588070149X113752V1225131106MSoneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=113752
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2CDA 53 KB
54 KB 66ms
65ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294930
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdu_GStnm-ROF7y_ddm4bfag33QZNfx7I5Z-KqQS_lJE4gYjoFt54cGzAq_V6isQmwvmL7xG33D96vr7nLApDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiGj8lalc7CaQcxXLbS76Oi1rkfgJNO0Y%2FqyVptNbW7hSFRq6vKsM6VJSaAAQdKRXSLbX3P7l%2FYgp8UgzwJqUo5rqd%2Fio2eLXvTakznbFOqV107d5Sj8c0W4Hjnv0bfw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6a2f9ddf0a4d5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 4F4C9A2D7395F4A22A69E4FF899DD987C3D93173B4A1A10C53248E23143B0CF6BAA70B9C16381AC5F917AB284304F801A1D532F2E3F04B5E86B818EDEC445252
assets.ad4m.at/product_image/ Frame 2CDA 108 KB
108 KB 72ms
71ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4F4C9A2D7395F4A22A69E4FF899DD987C3D93173B4A1A10C53248E23143B0CF6BAA70B9C16381AC5F917AB284304F801A1D532F2E3F04B5E86B818EDEC445252
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d59fb9c729f04cd84799db8137a07593d1658c3a2827018284f74d705ccc629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=0sGzgQ==, md5=E9fn9wEA2esguxJas7WBIQ==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1004841
cf-polished: origFmt=png, origSize=247870
x-guploader-uploadid: ADPycdvdkiH6_z-c3Nchq1UlYzxL4a981OWNUZ7iTAGYTEj2IgNYowWmUl7WUUi3hNV7WYxUD7hWhHqvK1Tyljiv-yOuO9VPAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110084
last-modified: Thu, 15 Jul 2021 15:02:56 GMT
server: cloudflare
etag: "13d7e7f70100d9eb20bb125ab3b58121"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0jZ6YJrhaiB42WiU6r9%2Fl7yM5ejK9WG3Ax24FPr2u3uHValNe501WMXqSyzMIFYV98w%2BmnmwkV%2FLS5CkY0%2Fc7JRx99pi6jaqSfnGqYAg5XT5tJhc44O29Pz4X3dSHF3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1626361376778545
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 247870
accept-ranges: bytes
cf-ray: 6a2f9ddf0a4e5440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame 2CDA
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=oneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=oneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2021102404012057588070147X117703V1226132702MSoneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYA...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202110240401205758807...

43 B
771 B

25ms
8ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021102404012057588070147X117703V1226132702MSoneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C167497%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFV%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CdEQfEfkfpYZjSEHjHwtqCbb1a3T4TGW4fj%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=2703f8983fc408e7b1c52ad4efd47626%2F2921352468467077475&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880399&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k065e0hrq2jhnagfaghrv3pw2epy51ywawacvw0xryy3vsy9dbmt4ee7qhsttkktdm9v7q75n4cqhz3knndk01y9gca9m6m5rg2daz0t06ere3v2xq4e8ntvqwcp891ghb3wzyqkqje667pm5epc0mpg872mnspg7xd7p057ww43pexeazr1xt0tm0evy47q74bq1xyvvwmj675adn84m38hg5tntc2me2k8371f85njx2nqmay3vepnpwxt7vdd8661x7v45znr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DConc9b750YfurLcaqx_APs7OamA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BRnBPFvTajyAtjF0yMFV_O8eBAw-4s10NyFUv6kgMpgO4yv5GaNQNx_SSV3_5dbLnCSvDqMTdvSC_VRarKcgWb5-Buh0xthBfDe-tiGa8dsPuJQbCwHgkUBwcCp_xKVo7IHSn4jgcjNRaW2U91a5kuiWqkiJU8GJ3qicyuFbGUclx6G4iwXZOALANXp0Sc1lFHTnxlLTOl9OwklrAOOIhe7ql9nc-Byr_6XQDNiX8pfde4wWy9jokNe_7ErXfAuYtI23X3XqUQ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2EKE4AdeYBFOz3enLeC7YpEdEFkA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:01:20 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sun, 24 Oct 2021 02:01:20 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021102404012057588070147X117703V1226132702MSoneid9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 122F 0
0 55ms
54ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1R5TcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoExgFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iZU17R0QGxs3mWUfdaZq3gshy_gBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTY1NTY5NjQwMDU1MDMyGM_OBw&sigh=k8TY14pQSqg&uach_m=[UACH]&cid=CAQSPACNIrLM0s4XVtr0JtnFOAScsPqiQjhge2nY4OvnCbRWRMDqocplBrbpDx4_HRMgoMo0K2Q_6FJPBFoCIBgB
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 122F 0
0 23ms
22ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g2tc9bs72792a7evx6sbhzpavzefqweqnzd9mts2js3n9xvgean6abdbknjpgh01fcnf4861j6dybrp71pyjvdcnjzh6pekht8yeew17hh47f3e8vc9ybt1826t9877f66tpfn3hmew566pkahjpstyk0d3n0w7fjwzh3vjcq4763w9swh1x9bynkfrt1bqvkcgrwjfhy2qs8a1qcz0ythxh9164jzx1bd9zvgcknf0avxg2wv70nfa9n6051yvz4hm9sht06fdym9c5dhgpaec22tsr73mkksdnr3wth10b59nwjw4aay8wjsqxwe6yw6q08npm1eg0hvahchjtqfws7j8b2wa75k9ba75y8k5pb2y41m51fzaxt0ay55dydj7526xk8&b=YXS-cAAA-pQK4F0LAAj83htrl8NyPpM8OEDA7g
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame F517 2 KB
2 KB 58ms
57ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hjk8215hybhges167q873p2avk10aph8geetdkgwz7texms77tpz5x8ar41s7mrd13s3c1t9ty38b30a81rm29wejkt36mer5xrdwyam0n666sk69y08xwnrgvgj72mvb71md1zt3hme4ptpd77j2n6s2cq6wxgymtsy925fhyq46k67vjd12mhbnkj2bt4nhpehy4zrwpwgy8p686rxmm7bzj63nq1861hv7aptwqhz7eebfn99fb28cqpqemnn3t240fn9jbvgrd3hkk1p19nj2frarwhzfsn88yxzfdv94fznwzhnrxaj510s73vfmv668tk22hpjpf9vg3zc1pxxv54cz6qjgag4ker31bkthskaz2a540j9cp5r9w18svfkd66b4zgvchrw6qgjapzjew28gjw6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7d855be20cefec1f33e2b02cd6317ba601b60f237666b73888460d38641e5d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1hjk8215hybhges167q873p2avk10aph8geetdkgwz7texms77tpz5x8ar41s7mrd13s3c1t9ty38b30a81rm29wejkt36mer5xrdwyam0n666sk69y08xwnrgvgj72mvb71md1zt3hme4ptpd77j2n6s2cq6wxgymtsy925fhyq46k67vjd12mhbnkj2bt4nhpehy4zrwpwgy8p686rxmm7bzj63nq1861hv7aptwqhz7eebfn99fb28cqpqemnn3t240fn9jbvgrd3hkk1p19nj2frarwhzfsn88yxzfdv94fznwzhnrxaj510s73vfmv668tk22hpjpf9vg3zc1pxxv54cz6qjgag4ker31bkthskaz2a540j9cp5r9w18svfkd66b4zgvchrw6qgjapzjew28gjw6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%26client%3Dca-pub-5965569640055032%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9ddf3a705440-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 122F 3 KB
1 KB 23ms
23ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:30:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3803 1 KB
749 B 19ms
18ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 18:26:41 GMT
expires: Sun, 24 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27279
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 122F 120 KB
37 KB 35ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:01:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 122F 14 KB
6 KB 23ms
22ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:36:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 122F 0
0 30ms
29ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxhEWifB2R7XJiWsD55MYlF4xIyMriZbCSbIIqBOsClcBkQ1ZNkw7xfhUiRiw6FAXa-5uVeJUyroLuL7jy9q2pc3Jc8A
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 122F 22 KB
7 KB 23ms
22ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 16:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 16:23:19 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F534 51 KB
51 KB 64ms
7ms Script
application/javascript 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fponeid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 74002
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 23 Oct 2021 05:27:59 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: cRqJG5gWrd3jbhSEfUH4k7p5RVUvvzy1kfbpf707TGymy26AfsaDYQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame F534 85 KB
85 KB 89ms
32ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidVzBUwfmfPDmcGCbHAtRtEKZakTzTRcQoneid&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5WecJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14ad&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=02c69f796d9c6a2bac828e9b7c86ad43%2F11729926597886599430&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880199&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvgzent2z8zbpkf4z3krpfffy8e1esyexma9337mpzss4dy5tbskvv97xmc7t0kwq2qahe4hpm3zdg7zz8r9brkb1ssdy173vq3ev1kz0ns5ar2zb4c9y2gtgkfb7adwdza1nf9cr7qpp0hth5tjg1fbpmseb3jvjy8n3dr08acmwj87hcqqdad0xwah706kakd3mxpfnkjbsbtyxhdt02d2tht7pv08cxfmaasb12gxw4xg1ap627ps3r2fg8spemmv214g0994%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCg6uVb750Yd-4GJP4-gaj-qmADJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0FyavqFC08Dvi4HW7rNnHroxsqjb5KXzCLgdtYuyHO1wZIEOATjhtuDu-UPU3d5tmku3UbfDZ2EguFW6003PlZTQb3ynEQd4iBKmpOFA2Hks_4CUeFPyReBtkxg67jS-flRBKuBPwwksXtN0vcK8sC9LrtEpThyAmdNHOnUx74Aa9RiLVeyggsf8ODdAy5wdvs4Okuvtn08tpNJWJl69i7DAAdth5e7bQsq-Ho5cJ-5P5jhSwiNjeXw0Y8B3ph0rDP-keS9j6zTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2qGbo8mcn6EFApZpguYQEEeKSFyA%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:20 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:20 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3803 35 B
210 B 10ms
10ms Image
image/gif 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaBSTM_sMMD6quSlEr8_4E&google_cver=1&google_push=AYg5qPJ5xyl-8uSJz_8uOypChHG35jy9XjsKZFRxJor-g-niYyUpCZNVQ7KmgezV8UHyqlsT7YuE-QBORW5GiukwajrpVcnAMD3MQw

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3803 0
12 B 26ms
25ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUGHDP_chGGCWV_6q5kyE9KV9fj_Y5

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 122F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00e25761d17a65efd80897d1e80a746d3fd398855ecdb81409a3740c150b3b32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame F517 64 KB
8 KB 36ms
36ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hjk8215hybhges167q873p2avk10aph8geetdkgwz7texms77tpz5x8ar41s7mrd13s3c1t9ty38b30a81rm29wejkt36mer5xrdwyam0n666sk69y08xwnrgvgj72mvb71md1zt3hme4ptpd77j2n6s2cq6wxgymtsy925fhyq46k67vjd12mhbnkj2bt4nhpehy4zrwpwgy8p686rxmm7bzj63nq1861hv7aptwqhz7eebfn99fb28cqpqemnn3t240fn9jbvgrd3hkk1p19nj2frarwhzfsn88yxzfdv94fznwzhnrxaj510s73vfmv668tk22hpjpf9vg3zc1pxxv54cz6qjgag4ker31bkthskaz2a540j9cp5r9w18svfkd66b4zgvchrw6qgjapzjew28gjw6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hjk8215hybhges167q873p2avk10aph8geetdkgwz7texms77tpz5x8ar41s7mrd13s3c1t9ty38b30a81rm29wejkt36mer5xrdwyam0n666sk69y08xwnrgvgj72mvb71md1zt3hme4ptpd77j2n6s2cq6wxgymtsy925fhyq46k67vjd12mhbnkj2bt4nhpehy4zrwpwgy8p686rxmm7bzj63nq1861hv7aptwqhz7eebfn99fb28cqpqemnn3t240fn9jbvgrd3hkk1p19nj2frarwhzfsn88yxzfdv94fznwzhnrxaj510s73vfmv668tk22hpjpf9vg3zc1pxxv54cz6qjgag4ker31bkthskaz2a540j9cp5r9w18svfkd66b4zgvchrw6qgjapzjew28gjw6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221145
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9ddfbaba5440-LHR
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame F517 36 KB
13 KB 28ms
28ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hjk8215hybhges167q873p2avk10aph8geetdkgwz7texms77tpz5x8ar41s7mrd13s3c1t9ty38b30a81rm29wejkt36mer5xrdwyam0n666sk69y08xwnrgvgj72mvb71md1zt3hme4ptpd77j2n6s2cq6wxgymtsy925fhyq46k67vjd12mhbnkj2bt4nhpehy4zrwpwgy8p686rxmm7bzj63nq1861hv7aptwqhz7eebfn99fb28cqpqemnn3t240fn9jbvgrd3hkk1p19nj2frarwhzfsn88yxzfdv94fznwzhnrxaj510s73vfmv668tk22hpjpf9vg3zc1pxxv54cz6qjgag4ker31bkthskaz2a540j9cp5r9w18svfkd66b4zgvchrw6qgjapzjew28gjw6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50017
x-guploader-uploadid: ADPycdsHPR-0WbrwHtujO57kxTC7JXJB_18UorWbtnrU5Mmrm4TUzFm5j6AIGdBgm2flZgscAhO03gaj1f-kZVRpf84U89SF1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:57 GMT
server: cloudflare
etag: W/"8117c73fc4e946a604517e9066dbb583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBA8w%2FW82wEUuydPPhDRZlHkkhARvw%2F4QuT1DEGy4C5xOixyVcY%2Bv89K%2BjXNJTBRpZrzkdUJ2bW7LLmYIahII%2B0kpGqUNGpwGSy6SeMihBYkBbBQjxDxALk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729216993678
content-type: application/javascript; charset=utf-8
expires: Sat, 23 Oct 2021 12:07:43 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11927
cf-ray: 6a2f9ddfbabb5440-LHR
cf-bgj: minify

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F517 3 KB
4 KB 29ms
29ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933392
x-guploader-uploadid: ADPycdsUBSwxHn4phaM_fSMzz8i8mhDMWYE4fTZXaieEYLTAiiTVYLRZgbXnHhlSIji6E0ietJ-1qYTcbg2dUf3sGaA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK1LHSsMDGbHosOhODiYfh4Zh97uM4wbjfAety%2FpOwuBceb8bvsg42R8tOW0AArwxno4MAvSiTX1c5QLSPM3vX2r0M%2BJiky%2B3UfdHTBRj5px%2BCE2VAUPju5Q3G02kDp81nA78v%2B6"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a2f9ddff82840b3-LHR
expires: Thu, 13 Oct 2022 06:44:48 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 6A70 2 KB
2 KB 27ms
27ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UyU28B2efLnalLRJpp1c98cvyZKzhwanAq9kVA0wrp9DwnzPDrTmei-CKOE5AaTSC-WvgX_eUP8wMH2DdM5rYKGETrUOQ
expires: Sun, 24 Oct 2021 03:01:20 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2517966
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8UbCZwr5sJePjH%2Bnnu0nvDzNFdOlenTPUIJAmXbTEOaXqyuZwMktHY7DwpV6ptax8dxD4QnkDekaRv7qYm%2FCSgDGmDXhm7Hn0KRPTzVrHUmrMbNZqAi2Rw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a2f9ddffae55440-LHR
content-encoding: br

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 35ms
35ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vw8k
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgCl1MrtQf2Sow3kMm9I06g69PiBMDTxkDx3%2Bu6pin6%2BKgvHt16eCw2lgvaZOzA07nXi%2BdYmz3EN92EWDq%2FRd8jY1kxLvBeHngKFTLaU8rXWxDmlygaLfls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2f9de03bda20ef-LHR

POST
H3 200 rs Show response
ad4m.at/ Frame F517 1 KB
2 KB 38ms
37ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab069df1774bc083376940179a9ea0f2a9efe15da60f8b6445c3af85a007649

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a2f9de07c0120ef-LHR
date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME8SxULlsuzSlUv1lTew76OedkgQrVVROQMFzhdr2AC9t3joae1lVqDc540DrQdBcyovrEfT1pLvNEgRU%2FmEDER7EswcJ51PU0fpf5y3HZTvdmVK%2FG1E010%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vw8k

GET
H2 200 nr-1211.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 21ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1211.min.js
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding: gzip
etag: "3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id: AVTH4FS16E8233K7
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12477
x-amz-id-2: 2tuSKKHgv0Gnez3uDvObk6hLwQ8iuD9gc7ol0THBhcBhUhhziKcdH9SFph396VEKpqK2bwfbwRs=
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 27 Sep 2021 20:46:50 GMT
server: AmazonS3
x-timer: S1635040881.695863,VS0,VE0
date: Sun, 24 Oct 2021 02:01:20 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5243

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 50ms
29ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1498c18fbdfa4fb8a3184260ed9eaf5cfd862da2801150be96810ba9d4e5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8609
x-xss-protection: 0

GET
H/1.1 200
OK 1502e4f90c Show response
bam-cell.nr-data.net/1/ 49 B
715 B 928ms
904ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/1502e4f90c?a=58634209&v=1211.ba193a8&to=ZAYDZ0cFXxFVUxZZDF1MNEFcS1gMUFUaHhNbEw%3D%3D&rst=3213&ck=1&ref=https://ktar.com/&ap=1462&be=801&fe=3184&dc=1553&perf=%7B%22timing%22:%7B%22of%22:1635040877493,%22n%22:0,%22f%22:246,%22dn%22:246,%22dne%22:246,%22c%22:246,%22s%22:366,%22ce%22:610,%22rq%22:610,%22rp%22:777,%22rpe%22:888,%22dl%22:780,%22di%22:1553,%22ds%22:1553,%22de%22:1589,%22dc%22:3184,%22l%22:3184,%22le%22:3186%7D,%22navigation%22:%7B%7D%7D&fp=1133&fcp=1133&at=SEEAEQ8fTB8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:01:21 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a2f9de09d367181-DUS

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 24 Oct 2021 02:01:20 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 534B 6 KB
4 KB 44ms
44ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7b448aae0ed1d52e892fb516461921d6066180297ff446bb46c2aa04e95ad2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1hjk8215hybhges167q873p2avk10aph8geetdkgwz7texms77tpz5x8ar41s7mrd13s3c1t9ty38b30a81rm29wejkt36mer5xrdwyam0n666sk69y08xwnrgvgj72mvb71md1zt3hme4ptpd77j2n6s2cq6wxgymtsy925fhyq46k67vjd12mhbnkj2bt4nhpehy4zrwpwgy8p686rxmm7bzj63nq1861hv7aptwqhz7eebfn99fb28cqpqemnn3t240fn9jbvgrd3hkk1p19nj2frarwhzfsn88yxzfdv94fznwzhnrxaj510s73vfmv668tk22hpjpf9vg3zc1pxxv54cz6qjgag4ker31bkthskaz2a540j9cp5r9w18svfkd66b4zgvchrw6qgjapzjew28gjw6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%26client%3Dca-pub-5965569640055032%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hjk8215hybhges167q873p2avk10aph8geetdkgwz7texms77tpz5x8ar41s7mrd13s3c1t9ty38b30a81rm29wejkt36mer5xrdwyam0n666sk69y08xwnrgvgj72mvb71md1zt3hme4ptpd77j2n6s2cq6wxgymtsy925fhyq46k67vjd12mhbnkj2bt4nhpehy4zrwpwgy8p686rxmm7bzj63nq1861hv7aptwqhz7eebfn99fb28cqpqemnn3t240fn9jbvgrd3hkk1p19nj2frarwhzfsn88yxzfdv94fznwzhnrxaj510s73vfmv668tk22hpjpf9vg3zc1pxxv54cz6qjgag4ker31bkthskaz2a540j9cp5r9w18svfkd66b4zgvchrw6qgjapzjew28gjw6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de0bb925440-LHR
content-encoding: br

GET
H3 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE2C 6 KB
3 KB 24ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6CBB 12 KB
5 KB 21ms
21ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 23 Oct 2021 19:33:26 GMT
expires: Sun, 23 Oct 2022 19:33:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8A84 783 B
535 B 32ms
32ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

b91c48f70bcd1131daa99e3404dd21f66e36dcba2ad7caa6912e0ab75f6f59ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qZ7iFuggu/212gLPKE3Rqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 24 Oct 2021 02:01:20 GMT
date: Sun, 24 Oct 2021 02:01:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qZ7iFuggu/212gLPKE3Rqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AE2C 0
0 58ms
57ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc75ycL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoExgFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHN3oNHkfpdbmDSZDFt1WadCWCTgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTY1NTY5NjQwMDU1MDMyGM_OBw&sigh=NbCuvk7sNkA&uach_m=[UACH]&cid=CAQSOwCNIrLM-moLh5PNEaSYQJZdxRLyigaJpL1mfJr6UUMq_oHHg5H_pb7dXNGxg6xhY3pGG84Nrk_od2o7GAE
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame AE2C 0
0 25ms
24ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kbdybcvqwnj2chnp6kt0k2z1d25qv0214jvn72wetdbqzbyencztdk4ccjtdpg8kq4swhke2z2z7w45ehak9b0ze9hy29mq0hrk1hg6088t0a3zr230zb7btb8zc4488nq8pdb58mg2frd6vf2wq09rgf9v2hcbxv3py20fxx19em5zxa9541vc618jde8wfhjf7kmfdwft6w36nphakm0sdehrka64jfj08m0jre2g5t7wy7zyv1c38sas2cffa2yjktb4285tp8d6yqsp5prshkc07r5h4p1p3n8q8pq80kyr17aqtmygjfk6w88w8xgxaax8b3rmcyewarhn34kb9x3axpvk7qsrgyrwpweakhw6he7samp78nstvfewndwdm0znd8&b=YXS-cAAGnSQIEcSvAAbuYuWeJqBiY4QN19LO6Q
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 46F9 2 KB
2 KB 50ms
49ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h4nmd9waaw70vtcshct2p13153mdaecxfdr258f3jd6ra39kjrhhyg6r9ce12d3429pk8hvc8qbfspebasknswpw2cs3h9ywwk0wk6e1by0whht7hwvq16s17w1xads2f7g8cf9erwp5m3xpdj2bmy9sfygv0wgez5w115cf8csbtpnzt05qeyy0nhm5fe8mbmfzw7bdkjv8qy1vahx13292xchw0zsfwmp5k971a0hc6f7ey3z82y2jh9akna7hwzbm2arjycxmeyaxjt4b617rfe17534nt20xgc6yqs211ez9p2tq5apaasfp4zmhb1jjc67bq3m1bkp586ext9n7qr2h23eec1vw2whjbh2hnbzahexejjfjpqbz3kq5211sb92hww6abx4y6r0wsvzmfsq8e8wb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb1b1b1377df2045d524f486b5f3544c065a7214d138a60ef8bc0de6e712da64

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1h4nmd9waaw70vtcshct2p13153mdaecxfdr258f3jd6ra39kjrhhyg6r9ce12d3429pk8hvc8qbfspebasknswpw2cs3h9ywwk0wk6e1by0whht7hwvq16s17w1xads2f7g8cf9erwp5m3xpdj2bmy9sfygv0wgez5w115cf8csbtpnzt05qeyy0nhm5fe8mbmfzw7bdkjv8qy1vahx13292xchw0zsfwmp5k971a0hc6f7ey3z82y2jh9akna7hwzbm2arjycxmeyaxjt4b617rfe17534nt20xgc6yqs211ez9p2tq5apaasfp4zmhb1jjc67bq3m1bkp586ext9n7qr2h23eec1vw2whjbh2hnbzahexejjfjpqbz3kq5211sb92hww6abx4y6r0wsvzmfsq8e8wb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%26client%3Dca-pub-5965569640055032%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de12bf55440-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AE2C 3 KB
1 KB 22ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:30:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CAD6 1 KB
749 B 16ms
16ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 18:26:41 GMT
expires: Sun, 24 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27279
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE2C 120 KB
37 KB 33ms
32ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:01:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AE2C 14 KB
6 KB 22ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:36:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AE2C 0
0 32ms
30ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiF1txTW_72VS_2lDPmsN5Qbj_-3KFmhqEdYoagpP4A7mM-CeVedUFiFDDHp9PWFsTchB4S5kgklMrVm5thVPKCMOHGg
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AE2C 22 KB
7 KB 23ms
22ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 16:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 16:23:19 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 534B 64 KB
8 KB 49ms
48ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221145
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9de12bf65440-LHR
cf-bgj: minify

GET
H3 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 534B 38 KB
39 KB 32ms
30ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020551
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdunuzYiqCOTN7D38ID9VU5HnhWAEcOI2CN5w6TgSO3n6Ke1a_HyMgUHK8uJPF9YYjQof8tjf2rMhd9JZydCvU8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80G6Tpi7BUaZYmsOvLzQoZZ4VL5kMRkX7DH6k3feKMLs1MCOBZghwTD5gOsX1XM4YtP3YeKT4oFcQYJifK6wOMb1NWp3s1Kpxkn5MmpcFRecoQtr3CHP4%2Fmo9WSvEd28"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6a2f9de12bf95440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 534B 113 KB
114 KB 34ms
33ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 274471
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtNyCvPSb0A9jEM_MSWcctkL_vcl0ETpzeR0WLXBlZg0djNS8o8NmBQPcaxeXCL74nkv2TpDnBKKowraohkTxU0jM5V0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC9agk5XhUiV0n6o8lO%2Bc7Wh6hVujxskxnXHoaQhciuCe8Qldsdi6VwmfUB8uBXzrnP9YFjEb6S71BOYY5CJZwh%2B3RUpwj7LxTxfYgx6rrgHFmuJpmkleVtFXshAs7uq"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6a2f9de12bfa5440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 534B 43 B
703 B 277ms
275ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
assets.ad4m.at/product_image/ Frame 534B 32 KB
33 KB 26ms
25ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=XpYYSQ==, md5=hUTvKH3ITIHGC57UiHB42A==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020559
cf-polished: qual=85, origFmt=jpeg, origSize=91728
x-guploader-uploadid: ADPycdu3J7KwiayBnY0UwUe18-wM0jCT8oepidvMziVOXnVUwjijBrM3R2xxHdvC0-6ThUOrpA3TwJydBG739nov7jo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33156
last-modified: Wed, 25 Mar 2020 13:46:38 GMT
server: cloudflare
etag: "8544ef287dc84c81c60b9ed4887078d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEzbZY3o15eC2DqKAURv2raFwTsSTSJli6FSXCgtaISKJXF6fFCjnR1A1y8YCeg150sLmz6nJioRi6EAWxnVJ6RjTpa5EiG%2B5noJEKdHoFkrJcF4Qbt5kUVzFS7%2F5Bzy"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1585143998277875
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 91728
accept-ranges: bytes
cf-ray: 6a2f9de12bfb5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame 534B 6 KB
7 KB 30ms
29ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 292665
cf-polished: origFmt=png, origSize=15890
x-guploader-uploadid: ADPycdurntIrYIP0hn6CWFTwj44x_yfwXqyHYfBuDCqOEIvZY-iu9G-WWjzE-bw9Opg9y5AsTaZ_AVB_O59Ft4vO9l8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6208
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrFIwL9horoFJaSk99DvcDxcHUcFSteldQRSPVqsGzhrbVcwr%2B3WRjIxI7C0zIHoKK2%2B3SR0Ama7tiSDRv6DML5B6WmAc9s6qtEXdyXuJgtMU3OwszGB4Q6TiPFeSRTZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594879530502671
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 15890
accept-ranges: bytes
cf-ray: 6a2f9de12bfc5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame 534B 9 KB
10 KB 27ms
26ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020556
cf-polished: qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid: ADPycdsGKiqYYNGltYpZve4E6nf7H2fFMwgz1PreThT6tdQYlThBv84ewuVfv4tvHOhVPEO6nwW4iuT-nvoQWsT78g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8886
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmSWdB76QnUsOMs3jUG4mpCgxZ3uxIdv4FdsCiKrT1A95vKq5Y9zc9LFyk8SFYiVegzYT7zE63e%2F6qHYufNcMhAxzL9veoU%2BbY3IgPGACa%2Fsrbv02EyTlkkj3L%2BznMAx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1608208174589657
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:20 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 25987
accept-ranges: bytes
cf-ray: 6a2f9de12bfd5440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 534B 43 B
703 B 50ms
37ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneidZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:20 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2

200

/ Show response
www.autohaus-koenig.de/htlp/ Frame 44A1
Redirect Chain

https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Tdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_...
https://www.autohaus-koenig.de/htlp?coyotetrackingid=382201418
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=382201418

531 B
419 B

13ms
13ms

Document
text/html

195.201.218.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=382201418
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=51682a9bcd6dcf568656460a83ef1f50%2F9337729440682819666&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040880733&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxkq56fej30b4qap2tgwa2k8vrhexfd43m2cpc605e68t7mxryj62qry11kw0yk5wwtpdyfgj0q5z4fs52rc3wywkkqpwza2rrq3jas3pc24kcrmyv838dtvtjkgbc7rtzspf1pkbhzt58dp094mzc9x9x831s3bhbg2h0p3q9z757exj3bbf6mc2qaaavms09m8chjbhvgnx6jv24m5argkg56gwh2w2ycn6zgb6w1pm8847cp7ekg5rr81raw3neq4d7mjhba4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnC1WcL50YZT1A4u6gQfe-aOoApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MJ0vF8qkqb5vw_VXE0bJIcIhkfY5yAWzYhga7jaTDtukK3Ub_aOsx-TNjX6SOqM_sVhjf80qH-7C6vQo210VUdyBUXHtWvJ7UrHEFT3-cK2eLPeaCzGmKURKycIyYJWvEMj0rKbp5CvOE78pZ7xM8DZoglP5Q1PmVywXnXguC9NSlqfgFlWisC0U0ELLn5prInojd3zWdWOV13qaVd9POPdlhtBu7C2NPDSjzC5tI7q_iYW1bnml7nrnq0TNUBD4urevjt5v6PgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0XUZJNgLgO8hsMuoQQ9Ga7oxV_aw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.218.101 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.101.218.201.195.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b

Request headers

:method: GET
:authority: www.autohaus-koenig.de
:scheme: https
:path: /htlp/?coyotetrackingid=382201418
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.1
date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html
set-cookie: mobilityAds=382201418;path=/;expires=Tue, 23 Nov 2021 02:01:20 GMT;samesite=none;secure
content-encoding: gzip

Redirect headers

server: nginx/1.20.1
date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html
content-length: 169
location: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=382201418

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8A84 0
0 30ms
30ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101901&jk=1980554691554510&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CBB 35 KB
35 KB 17ms
17ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 91773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CAD6
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaBSTM_sMMD6quSlEr8_4E&google_cver=1&google_push=AYg5qPJhKJufJHc1K6K0HAimcCGGsUMP-yF_k2lIHdwgjLNEVEowF6NG2c...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJhKJufJHc1K6K0HAimcCGGsUMP-yF_k2lIHdwgjLNEVEowF6NG2cG4bGlWmJ0tl0UQmkL_eXDpIlyQpreYviSbgHgIZ3msNg&google_hm=9n3I...

170 B
188 B

32ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJhKJufJHc1K6K0HAimcCGGsUMP-yF_k2lIHdwgjLNEVEowF6NG2cG4bGlWmJ0tl0UQmkL_eXDpIlyQpreYviSbgHgIZ3msNg&google_hm=9n3IIE4mOFQX4alZxvZjuA

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJhKJufJHc1K6K0HAimcCGGsUMP-yF_k2lIHdwgjLNEVEowF6NG2cG4bGlWmJ0tl0UQmkL_eXDpIlyQpreYviSbgHgIZ3msNg&google_hm=9n3IIE4mOFQX4alZxvZjuA
pragma: no-cache
date: Sun, 24 Oct 2021 02:01:20 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CAD6 0
12 B 25ms
24ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJ0eXjIWHpX9caekLrGOwYpU7F1S8e

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame AE2C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 296ae93876190743dfc62a3d38545b360344a8597a10e7e08818cef8316cfb90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 46F9 64 KB
8 KB 32ms
32ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4nmd9waaw70vtcshct2p13153mdaecxfdr258f3jd6ra39kjrhhyg6r9ce12d3429pk8hvc8qbfspebasknswpw2cs3h9ywwk0wk6e1by0whht7hwvq16s17w1xads2f7g8cf9erwp5m3xpdj2bmy9sfygv0wgez5w115cf8csbtpnzt05qeyy0nhm5fe8mbmfzw7bdkjv8qy1vahx13292xchw0zsfwmp5k971a0hc6f7ey3z82y2jh9akna7hwzbm2arjycxmeyaxjt4b617rfe17534nt20xgc6yqs211ez9p2tq5apaasfp4zmhb1jjc67bq3m1bkp586ext9n7qr2h23eec1vw2whjbh2hnbzahexejjfjpqbz3kq5211sb92hww6abx4y6r0wsvzmfsq8e8wb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h4nmd9waaw70vtcshct2p13153mdaecxfdr258f3jd6ra39kjrhhyg6r9ce12d3429pk8hvc8qbfspebasknswpw2cs3h9ywwk0wk6e1by0whht7hwvq16s17w1xads2f7g8cf9erwp5m3xpdj2bmy9sfygv0wgez5w115cf8csbtpnzt05qeyy0nhm5fe8mbmfzw7bdkjv8qy1vahx13292xchw0zsfwmp5k971a0hc6f7ey3z82y2jh9akna7hwzbm2arjycxmeyaxjt4b617rfe17534nt20xgc6yqs211ez9p2tq5apaasfp4zmhb1jjc67bq3m1bkp586ext9n7qr2h23eec1vw2whjbh2hnbzahexejjfjpqbz3kq5211sb92hww6abx4y6r0wsvzmfsq8e8wb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221145
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9de1dccb5440-LHR
cf-bgj: minify

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 46F9 36 KB
13 KB 31ms
31ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4nmd9waaw70vtcshct2p13153mdaecxfdr258f3jd6ra39kjrhhyg6r9ce12d3429pk8hvc8qbfspebasknswpw2cs3h9ywwk0wk6e1by0whht7hwvq16s17w1xads2f7g8cf9erwp5m3xpdj2bmy9sfygv0wgez5w115cf8csbtpnzt05qeyy0nhm5fe8mbmfzw7bdkjv8qy1vahx13292xchw0zsfwmp5k971a0hc6f7ey3z82y2jh9akna7hwzbm2arjycxmeyaxjt4b617rfe17534nt20xgc6yqs211ez9p2tq5apaasfp4zmhb1jjc67bq3m1bkp586ext9n7qr2h23eec1vw2whjbh2hnbzahexejjfjpqbz3kq5211sb92hww6abx4y6r0wsvzmfsq8e8wb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50017
x-guploader-uploadid: ADPycdsHPR-0WbrwHtujO57kxTC7JXJB_18UorWbtnrU5Mmrm4TUzFm5j6AIGdBgm2flZgscAhO03gaj1f-kZVRpf84U89SF1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:57 GMT
server: cloudflare
etag: W/"8117c73fc4e946a604517e9066dbb583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDNuTnLLINL7t1MmEWOxnc3gnri%2BhzlfRkyGCD9uBBMcX88wuxvpa89DJn%2BiQmEyDerHXVBZ9gThw0E9C6JyFUrg1wDdwqG5vJj23ofMyp4syA2rY96j%2F9Q%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729216993678
content-type: application/javascript; charset=utf-8
expires: Sat, 23 Oct 2021 12:07:43 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11927
cf-ray: 6a2f9de1dccc5440-LHR
cf-bgj: minify

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 44A1 89 KB
35 KB 35ms
35ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-56263170-1

Requested by

Host: www.autohaus-koenig.de
URL: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=382201418

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

963ce1b1cb1251b104adcb10a022b7739dfc350cdaefc4726b8cc1dfe49b09ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.autohaus-koenig.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35753
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:01:20 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 46F9 3 KB
4 KB 26ms
26ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 24 Oct 2021 02:01:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933392
x-guploader-uploadid: ADPycdsUBSwxHn4phaM_fSMzz8i8mhDMWYE4fTZXaieEYLTAiiTVYLRZgbXnHhlSIji6E0ietJ-1qYTcbg2dUf3sGaA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3LHp6yigMNzVODV5kKYf8TKp0FME%2BcB3M1Wql4Rg4dUwb9SD0wDjhbExjKvMplVh%2B1dYsEoVddTcAAhql8AwnlGz27zg%2FW6zFv6oVbLTXqExoqTkd7WWucm0%2BVFwyOw3HeX%2Fmnb"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a2f9de219a140b3-LHR
expires: Thu, 13 Oct 2022 06:44:48 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame D84C 2 KB
2 KB 32ms
32ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 02:01:20 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UyU28B2efLnalLRJpp1c98cvyZKzhwanAq9kVA0wrp9DwnzPDrTmei-CKOE5AaTSC-WvgX_eUP8wMH2DdM5rYKGETrUOQ
expires: Sun, 24 Oct 2021 03:01:20 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2517966
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7XLqmr0O5N1mswVJNGDyIy6OEsqksHl2JblAxJrjf9fKuQEqbYP2gaxwYWMoYmYfzWZkZ7Jv6WdFkb5yfjgtolcPaeyC6e01H4LYlVXK1QEUJdsChW%2FSC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a2f9de22d055440-LHR
content-encoding: br

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 44A1 49 KB
19 KB 23ms
23ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56263170-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.autohaus-koenig.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 15
date: Sun, 24 Oct 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sun, 24 Oct 2021 04:01:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
51ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101901&jk=1980554691554510&bg=!Y2ClYCTNAAbUs_yW1LM7ACkAdvg8Wq9JHoNDJV8Lg1vviAzCQ1jN1sxRR2A8ufxwm6dnHYEY7mXEVQIAAACPUgAAABVoAQeZArs40JPjnhQ5zwSAnt_zs4wwp3r5nvrxFk49Y2HH7HBKHoz7PPAme0fqDpyoUsky7LPJ_3ePaPEvEshncgzqXYTJivRues4I35BS_KtJOJl63H4EFcn52OsdVW9WGEwmWZ4JJeCk0dx49DAs23PyAQ5tjeSWFTpdWTK93IkfS8yRB9KvS271PmjC2mRqDNSUcQ0Cy1yNdUidV5RtmGkFwIJJxDEAUK9_p2saYiddCrY4xUzcffQdxSJhoMQ5uzG-kFuNJzaNg6GP0vBvYV8J2jgmjWrS-tPCHM8-E3OxZPaTC7EKyXFIgaeODq3N2JPbt-9mCcCLga5HtUh5wGslYh0kifQ_PX4OUYc_8N0xoxishb5UgdLxhjQOqZDDGtBRgTUunjFHxp62Dd3NNhftAw9Gjc3pMLx8actw8Guem2jhS6IQKIAiBePQQ806bguLxcAsClQm3HaaptX4ZOHtdBa_DbmOQ1WA93hmSQXPNAjPJdKKCKWKPsuemq7BKyWRW7xQio7ST1OGrk1Eg7pjO5z0QIZj_dj6MrpGUc2SpgiTnt7Kk45jIcaTmPeIg2CwxAkfvghnmBD7GwIJNRXK-uoe5QlMTXMlCtDZ-JT1NE6Xejgtid48MTEEfK76fsqRZYwqMOOyhUsmO4WVMuL4P_RqpDLepL29PJbnCrNd0w4c5v9Xmgkf_I0tY4ZMknvBSkW0w15ddqlEowvdId8Ac5v9m137hvK62TefqwLHsR3raMYAZF-6j_vOmbwF6wwFnbok-1WmQHgszlLlzJP1k2JaUd-OAlMM709QtOAroAGN8Jrgfu7-dH4cxlRVrR3Rd_t-DG5Oax__Mu3GwwCAgaD1uojuifKw7phj2P75EmTnES3q4uf3spVoueUvw5hFM0Kt0TU7dmjlTJlXhIlVi9UVJOaw-bBTGoU0p9I

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 46F9 1 KB
2 KB 41ms
40ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ec516cb4a989b1bf86dd436ca855f4dd8b612737ce45e467f388d9dd3e66ef7

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a2f9de2dd3f20ef-LHR
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEUWZqtvJ3QwWeRkWS7LbSS7DHc93vZM3Cu89bAyCfu%2F%2FnhhIVa8lPoQputF9Feso3V7pmt3H9CvRhFwOTszZM914unhoqtt4GqJHiSiYqtxrCwIKXLM%2FqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vw8k

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 47ms
46ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vw8k
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=si19%2FmmcXVXh18vWXtxUFg4DXskbCpPP0V%2Fn1c1eoEkNYJlw4AYlUkdgR28CqBjYCw7O7M40M44e8Od9DUO3bCx07O8Ci%2BXs4%2FRJc2aKiXLlL5t0c5RMrGo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2f9de29d2120ef-LHR

GET
H3 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25E2 6 KB
3 KB 24ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 27E9 6 KB
3 KB 24ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 3BEB 6 KB
4 KB 44ms
44ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e2c8cd23688bf6100d9d06fdcd6f5475e1102c6476afe80854eb2b7ae32b11

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1h4nmd9waaw70vtcshct2p13153mdaecxfdr258f3jd6ra39kjrhhyg6r9ce12d3429pk8hvc8qbfspebasknswpw2cs3h9ywwk0wk6e1by0whht7hwvq16s17w1xads2f7g8cf9erwp5m3xpdj2bmy9sfygv0wgez5w115cf8csbtpnzt05qeyy0nhm5fe8mbmfzw7bdkjv8qy1vahx13292xchw0zsfwmp5k971a0hc6f7ey3z82y2jh9akna7hwzbm2arjycxmeyaxjt4b617rfe17534nt20xgc6yqs211ez9p2tq5apaasfp4zmhb1jjc67bq3m1bkp586ext9n7qr2h23eec1vw2whjbh2hnbzahexejjfjpqbz3kq5211sb92hww6abx4y6r0wsvzmfsq8e8wb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%26client%3Dca-pub-5965569640055032%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h4nmd9waaw70vtcshct2p13153mdaecxfdr258f3jd6ra39kjrhhyg6r9ce12d3429pk8hvc8qbfspebasknswpw2cs3h9ywwk0wk6e1by0whht7hwvq16s17w1xads2f7g8cf9erwp5m3xpdj2bmy9sfygv0wgez5w115cf8csbtpnzt05qeyy0nhm5fe8mbmfzw7bdkjv8qy1vahx13292xchw0zsfwmp5k971a0hc6f7ey3z82y2jh9akna7hwzbm2arjycxmeyaxjt4b617rfe17534nt20xgc6yqs211ez9p2tq5apaasfp4zmhb1jjc67bq3m1bkp586ext9n7qr2h23eec1vw2whjbh2hnbzahexejjfjpqbz3kq5211sb92hww6abx4y6r0wsvzmfsq8e8wb0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de44e655440-LHR
content-encoding: br

GET
H3 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6B5 6 KB
3 KB 24ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 25E2 0
0 57ms
56ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwAxWcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMYBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-yt8kGl7XIHHBrgKyr4CtEVHN4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01OTY1NTY5NjQwMDU1MDMyGM_OBw&sigh=GDnmQvUnafw&uach_m=[UACH]&cid=CAQSPACNIrLMH5wjIjRkt8K6SdXdgzuYetS-c4PTYpbBWnPOJZcdN0zm1Qqt9ZKqEPo0H3234Uu6YXX3GKZ9KxgB
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 25E2 0
0 24ms
24ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jy6adzrt0bh96rnr5ds58zhn1pp0rdd2dc3t8qt8x70nph1jj89ppcm5nn0cbycctn8p0w8jbaknd056zeh5510wjm8h7y4wy23sf6nxzx30xabh94r2x5rsyecsksj0vr266kwxkxgtm1k8awt15sym98286439m1xd189r4hr3859msqwvas80sywq1jh1r4xw86kyvncrvbcsj2r9n2e6mwkek48vhgh7jfc0benpzrnd9baj2spwtenvb5g5z319d4r6cvw4w72bcxj3xt6690nyzzvg6m5xt5904q3bh8mkswx52yxpm0sdg5sxjywdy56xshkcx5z91v09phnahv3145s5m07q0cnj773xet1pm5hxxs429wj5wb5e80j8gwd2xezzpc9&b=YXS-cAALNkYIEdlnAAXwdasHxVgQdlHBu9jtng
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 3E74 2 KB
2 KB 43ms
42ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g1qvb7ppjvj763fy9nqpth0m9y143ae1e086qt8cny8128v0cypzq6pefbh5cvmad68p16cczcynzja2yq8p1hynd4bsjjexxyzee186cfae34fn1hdj7r91n15pmkn97bbxzh4f4xtbxwwp7xey136b6dywgbkw3cdmbyraj1c07etvk7z1vesgh5re2g140cw8scdz26fcn3yxw78ezwysj51s0v1zsv33j23yk93ces3e9hqr99bb36e96mx8wppyysxa8nngcv0cmgsp167pp283wpf08w78rf1qtgsrzr01mav1twv1vzwdp6p0ny6f7sjr7k2t22b5zc8pe5aneeze66rc1mg41nrmjbnwvb7r72s7ad43hfm3qyrvjyvav6yxt88he91947bjvt40g2yc0jhz0jwx11wmq2xk64f28sdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a72e7c97720bafbdd6af909117cb5768e2444506b8893aab60b86cf54569f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1g1qvb7ppjvj763fy9nqpth0m9y143ae1e086qt8cny8128v0cypzq6pefbh5cvmad68p16cczcynzja2yq8p1hynd4bsjjexxyzee186cfae34fn1hdj7r91n15pmkn97bbxzh4f4xtbxwwp7xey136b6dywgbkw3cdmbyraj1c07etvk7z1vesgh5re2g140cw8scdz26fcn3yxw78ezwysj51s0v1zsv33j23yk93ces3e9hqr99bb36e96mx8wppyysxa8nngcv0cmgsp167pp283wpf08w78rf1qtgsrzr01mav1twv1vzwdp6p0ny6f7sjr7k2t22b5zc8pe5aneeze66rc1mg41nrmjbnwvb7r72s7ad43hfm3qyrvjyvav6yxt88he91947bjvt40g2yc0jhz0jwx11wmq2xk64f28sdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%26client%3Dca-pub-5965569640055032%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de4fee95440-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 25E2 3 KB
1 KB 22ms
22ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:30:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 58F2 1 KB
749 B 16ms
16ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 18:26:41 GMT
expires: Sun, 24 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27280
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25E2 120 KB
37 KB 35ms
34ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:01:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 25E2 14 KB
6 KB 24ms
23ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:36:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 25E2 0
0 29ms
29ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQH1_kO6SH4tJugVhSqf3GO95tB9cdn4TlOxMBxVsHalZZW4N6Hx8L5hdO63BmlKv_zx8aCeJ6xiZ94Kp9lYzKFckczhw
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 25E2 22 KB
7 KB 24ms
23ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 16:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 16:23:19 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F534 16 B
232 B 100ms
100ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 100ms
29ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 27E9 18 KB
8 KB 21ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:35:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:35:07 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 27E9 22 KB
7 KB 26ms
26ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 16:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 16:23:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27E9 120 KB
37 KB 40ms
40ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:01:21 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 3BEB 64 KB
8 KB 51ms
51ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221146
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9de51eff5440-LHR
cf-bgj: minify

GET
H3 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 3BEB 12 KB
13 KB 29ms
28ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sun, 24 Oct 2021 02:01:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277067
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdtvTw-vfiI56uB3wtaagxBSx6kG5Z2-say4fHfytSL9WOMGAKpGcONdq70MMW7flvliqU5mGJgPTSl16qu-m-sCTsA0Vw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq9DXUY%2Bgg8sttnJQP3C5m7f%2BPKXajaXe%2FB4j7kh9BBBw8A%2BsmKBzPXpqkoB0kg207pntXcnDtqPb%2FPT79bhMLLPAFS8pwcPWE%2BKG6WJGYclg5bWD8hgpng3tEultiJ3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:21 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6a2f9de51f005440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 3BEB 10 KB
11 KB 28ms
25ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sun, 24 Oct 2021 02:01:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290641
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdtlHqQMHE5KHtMMKqqauTcwx7zbgBw-5KalA7Sy7EY7eksOqwbJWm0wvhNNKJKG3zDVvls4eFbL2BQvYz2HrUFQs0ypCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xN3Amg%2FkQzP7CEozdmZiGZ5PUme%2BCbd02Mx2kjqMx99l4twpxy1UeFbhVZ1lpWh5pkFeE6zYwSTJET5Hz8Mz%2FNdUStkFvJFXEnxeEi7bO3vZiQp0qfv7oY6E0sr3mBso"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:21 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 6a2f9de51f015440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
assets.ad4m.at/logo/ Frame 3BEB 467 KB
468 KB 29ms
27ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=dyeWTw==, md5=eBhBXL35Vn6m9QiEHE/ipw==
date: Sun, 24 Oct 2021 02:01:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290741
cf-polished: origFmt=png, origSize=706198
x-guploader-uploadid: ADPycduR7on6U3asktSaFUvgp4aw7QCe63Dt3PDtgwQaEfuSSXIu91nl-IZDjbwkBuBKrNn31_D6pXrhfzRYBNtj5vU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 477790
last-modified: Tue, 03 Nov 2020 16:12:21 GMT
server: cloudflare
etag: "7818415cbdf9567ea6f508841c4fe2a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FKf15lxeTUguu5r0RXPi%2BxWPEAVbECrXd4C%2BWvOj7SjH3V3mzQ85zcsV5CXNxMqTGRsxWN8SArDU4w6braZPQfKvsH985VnrfIgyuTVNRY1W13HDLGPh2RhhVVa927D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1604419941958117
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:21 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 706198
accept-ranges: bytes
cf-ray: 6a2f9de51f025440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 3BEB 28 KB
29 KB 58ms
55ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=IDewpA==, md5=0GHKFV91j0kDQOFHYE3D7g==
date: Sun, 24 Oct 2021 02:01:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020547
cf-polished: qual=85, origFmt=jpeg, origSize=133780
x-guploader-uploadid: ADPycdsq5G0eQnsofT_a6I6kV8ab0xo9LWeudeoSCyvZRu88veMEZTYmNCPYm9ABSROaaBuJG78mPSLwkWn-TX5ETIs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28740
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5q83jPiQzRtkf3QT%2FkRb6fxqgOz5DGTeQHMxrqMpoEhCGBgFbVuVk%2FY1WPIUtr3w1pYNdzc%2F4fKaXDAb1euiFoh3gjcXUh3xlwByxJ7lDO47Ako4rM9cSsWJIJrju2%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582021321117606
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:21 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 133780
accept-ranges: bytes
cf-ray: 6a2f9de51f065440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3BEB 43 B
702 B 40ms
37ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2412085&v=14702&q=365825&r=412871&pv=1&pref3=oneidZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
assets.ad4m.at/logo/ Frame 3BEB 20 KB
21 KB 59ms
55ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0614b9e015b9a646c5bb4099edb68390666b12c572a6b4712681be7d4bb9bfe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=To/Z0A==, md5=KhBt45iUESpR/gNmK/6mLw==
date: Sun, 24 Oct 2021 02:01:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276713
cf-polished: origFmt=png, origSize=42492
x-guploader-uploadid: ADPycdvZBoXjB8y9lfTTtd9TyRkFXza3X8NTdgBPyz43lpbM9jGzcLYy-NSifj4oR6GACSq03KjMrm__L4UfIQlRwVhf2eRvlA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20462
last-modified: Wed, 22 Jan 2020 13:07:53 GMT
server: cloudflare
etag: "2a106de39894112a51fe03662bfea62f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2F4J9JDkg2b6PFppptu4UK9OgbBBrG9vZ3ICJSezkmcZVQh%2FNyRSlmxKwHoLLfMIEvuurAtmwMq0PQMiQYgHuZ6xVD8PN8XqIOsw6q9AzYZbntdy3meZ2LDmvFv7SkUX"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698473273442
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:21 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42492
accept-ranges: bytes
cf-ray: 6a2f9de51f075440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
assets.ad4m.at/ Frame 3BEB 41 KB
42 KB 68ms
65ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3539d3eee69eebe924850b7e253e0d255b519d795d58cbdc2409faed2a59112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=qNATdQ==, md5=rtrnh66lL12Rx8tGiazR5g==
date: Sun, 24 Oct 2021 02:01:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276713
cf-polished: qual=85, origFmt=jpeg, origSize=136044
x-guploader-uploadid: ADPycdvLZWGOmKRX3ranL6bbKZ3Gbuij7Dn_FbcluZffeDsnc69GgDlrap-qTG5Yg-Z4Lx-bx2MrxD3k08qLvYBh4LS89z22VQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41838
last-modified: Fri, 04 Oct 2019 10:13:18 GMT
server: cloudflare
etag: "aedae787aea52f5d91c7cb4689acd1e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blVDdRBw9Qdly67atchm6k5R54jixCCl6pHsSCECLxPucjo1SWVBcctHMXzS4y6snxaa%2F1f0yR810I7%2FF8Rmi5odfikPdb2KApP5MPrhYqaAkaROGIpFWczvi5q2GXPW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570183998426851
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:21 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136044
accept-ranges: bytes
cf-ray: 6a2f9de51f085440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3BEB 43 B
703 B 41ms
38ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2578359&v=11671&q=344795&r=412871&pv=1&pref3=oneidEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:21 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E6B5 0
0 55ms
55ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CejTScb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoExgFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LO4A9NM4DwIu-WvIMS7keiMVKrgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU5NjU1Njk2NDAwNTUwMzIYz84H&sigh=fV8gBvxR5V4&uach_m=[UACH]&cid=CAQSOwCNIrLMrGiMNY-AQVI5sfy_12h1eAfr-n7_Uw0Nb_ssjQKGN3qXWQYztDtF3S9Z7O4PJ-F9zg7tZClmGAE
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E6B5 0
0 24ms
23ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k2bd0my7h0b2v3tqkr4yah151xbmp57apbb6jsnm2jsttatf3aph5hv63a1d6vf58670wzzeqgam5cmyb4pa4k5bjcxw5rxcxm09sxxnd92wbtwcahp0nsp8s4khwqje7gmydg1vy3y7ymj086qcq4w6wxma16vnr1422xqracj837qav26544ewkfrh7pp8xbjq1xk0wtks0x0jc60jgd2y86awp0kc9qp2ek402e01a717b8ztz4zhe5n59mnbnaawmpc4c4bdemha1hqwx2cm4g0ajqt4wd859w5vnjxxa7nrjydcy30xfhca4q4vp4ch0c5xgzbqkb93376d08mb9n47n783ppqeyvk9qhq953aq5z7rbbzc4s8tsgqef6rw1f276xsjjxz&b=YXS-cQABEGMK4F_GAAjShgteVIg4FVN5U5c7zg
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame B74D 2 KB
2 KB 55ms
53ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gg0m0kb2maqvzwv1fyxba2tfq8w2y5en50vw06dhatj54hk3ekxrpc7p6ma9dx7d0530dfvsdjqcrvhtrssjftabwyhf8m7c0jghq37a7wnpq58jtcacp1h2b82bmmtfzdfy8m6c565kh88n2f04asjd604w9bftanjpga1sn1ja80nvy07c9k0ke3fmdctp08dcyzeaj95r86k6f99hehsxm0dza1sqsd65sbfg6djfgwr2ysh1avhyz1q0p1ssf3hs6wchrcjseqa5fw3fh6wff1gjs2cxq692kmj8w6x1vavr7pa8weqw0n5x7aqnfjmcdhpsnmy3a41wrvyhpmkbxmq3znggv2kb3qe2h9ba007ccy8zdgc2ck44jzpt74pjw588mjw6tx1c4tzw92axvqpdgbk6qqwzttd38vgra2x4g6fm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa5d38aafc89340b1c30b8414ce53071ad6302a50d0d82a66c4e6286c589820c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1gg0m0kb2maqvzwv1fyxba2tfq8w2y5en50vw06dhatj54hk3ekxrpc7p6ma9dx7d0530dfvsdjqcrvhtrssjftabwyhf8m7c0jghq37a7wnpq58jtcacp1h2b82bmmtfzdfy8m6c565kh88n2f04asjd604w9bftanjpga1sn1ja80nvy07c9k0ke3fmdctp08dcyzeaj95r86k6f99hehsxm0dza1sqsd65sbfg6djfgwr2ysh1avhyz1q0p1ssf3hs6wchrcjseqa5fw3fh6wff1gjs2cxq692kmj8w6x1vavr7pa8weqw0n5x7aqnfjmcdhpsnmy3a41wrvyhpmkbxmq3znggv2kb3qe2h9ba007ccy8zdgc2ck44jzpt74pjw588mjw6tx1c4tzw92axvqpdgbk6qqwzttd38vgra2x4g6fm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%26client%3Dca-pub-5965569640055032%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de53f165440-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame E6B5 3 KB
1 KB 22ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:30:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1715 1 KB
749 B 17ms
16ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 18:26:41 GMT
expires: Sun, 24 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27280
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6B5 120 KB
37 KB 42ms
41ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:01:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame E6B5 14 KB
6 KB 23ms
22ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:36:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E6B5 0
0 31ms
29ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT97W7zu6L1xJUR0rquAESmKWFHJ_le5qd6zSZ-5k7ULVSVSXChW21Q1L3KdLoi1gkZIl_fh1YHQrz5Ny9-qsTL4v-xBw
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E6B5 22 KB
7 KB 25ms
22ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 16:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 16:23:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 58F2
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJaBSTM_sMMD6quSlEr8_4E&google_cver=1&google_push=AYg5qPJ_z5lw6zsx8XEK2fMVIjHEzMVVpjNxCLNVtzBRNDMTrqjwatbngW...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ_z5lw6zsx8XEK2fMVIjHEzMVVpjNxCLNVtzBRNDMTrqjwatbngWpdNoG6yhfchR_y1bFARD9fUJVoWUX_ysrckV_lLugg&google_hm=9n3IIE...

170 B
188 B

28ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ_z5lw6zsx8XEK2fMVIjHEzMVVpjNxCLNVtzBRNDMTrqjwatbngWpdNoG6yhfchR_y1bFARD9fUJVoWUX_ysrckV_lLugg&google_hm=9n3IIE4mOFQX4alZxvZjuA

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ_z5lw6zsx8XEK2fMVIjHEzMVVpjNxCLNVtzBRNDMTrqjwatbngWpdNoG6yhfchR_y1bFARD9fUJVoWUX_ysrckV_lLugg&google_hm=9n3IIE4mOFQX4alZxvZjuA
pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 58F2 0
12 B 25ms
24ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jtf5OQbIG79YmHssDUjjPcVg11Jiod

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 27E9 109 KB
38 KB 58ms
17ms Script
text/javascript 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
Origin: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 12:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Oct 2021 12:36:02 GMT

GET
DATA 200
OK truncated
/ Frame 25E2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b700b2b7cc7fd1a3419f6b8d95692b2f7fd38077bbd3a289f43dd9c5d1a3dea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 3BEB 1 KB
2 KB 159ms
104ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidYxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcroneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidxEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSAoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 32dc500769c806ee1129ab4df83c16c8a18cece12f839af54c0ecaee2e640db5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:21 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:21 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1307
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 3E74 64 KB
8 KB 31ms
31ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g1qvb7ppjvj763fy9nqpth0m9y143ae1e086qt8cny8128v0cypzq6pefbh5cvmad68p16cczcynzja2yq8p1hynd4bsjjexxyzee186cfae34fn1hdj7r91n15pmkn97bbxzh4f4xtbxwwp7xey136b6dywgbkw3cdmbyraj1c07etvk7z1vesgh5re2g140cw8scdz26fcn3yxw78ezwysj51s0v1zsv33j23yk93ces3e9hqr99bb36e96mx8wppyysxa8nngcv0cmgsp167pp283wpf08w78rf1qtgsrzr01mav1twv1vzwdp6p0ny6f7sjr7k2t22b5zc8pe5aneeze66rc1mg41nrmjbnwvb7r72s7ad43hfm3qyrvjyvav6yxt88he91947bjvt40g2yc0jhz0jwx11wmq2xk64f28sdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g1qvb7ppjvj763fy9nqpth0m9y143ae1e086qt8cny8128v0cypzq6pefbh5cvmad68p16cczcynzja2yq8p1hynd4bsjjexxyzee186cfae34fn1hdj7r91n15pmkn97bbxzh4f4xtbxwwp7xey136b6dywgbkw3cdmbyraj1c07etvk7z1vesgh5re2g140cw8scdz26fcn3yxw78ezwysj51s0v1zsv33j23yk93ces3e9hqr99bb36e96mx8wppyysxa8nngcv0cmgsp167pp283wpf08w78rf1qtgsrzr01mav1twv1vzwdp6p0ny6f7sjr7k2t22b5zc8pe5aneeze66rc1mg41nrmjbnwvb7r72s7ad43hfm3qyrvjyvav6yxt88he91947bjvt40g2yc0jhz0jwx11wmq2xk64f28sdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221146
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9de5df915440-LHR
cf-bgj: minify

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 3E74 36 KB
13 KB 27ms
26ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g1qvb7ppjvj763fy9nqpth0m9y143ae1e086qt8cny8128v0cypzq6pefbh5cvmad68p16cczcynzja2yq8p1hynd4bsjjexxyzee186cfae34fn1hdj7r91n15pmkn97bbxzh4f4xtbxwwp7xey136b6dywgbkw3cdmbyraj1c07etvk7z1vesgh5re2g140cw8scdz26fcn3yxw78ezwysj51s0v1zsv33j23yk93ces3e9hqr99bb36e96mx8wppyysxa8nngcv0cmgsp167pp283wpf08w78rf1qtgsrzr01mav1twv1vzwdp6p0ny6f7sjr7k2t22b5zc8pe5aneeze66rc1mg41nrmjbnwvb7r72s7ad43hfm3qyrvjyvav6yxt88he91947bjvt40g2yc0jhz0jwx11wmq2xk64f28sdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52462
x-guploader-uploadid: ADPycdsGbyqH92KB9gYtCivzOPmQZDeusqm-TzZaN9LqWpe_CowgzqtWxDprUA_219EgYDvXAKXlR5VCBiNW64dn67kLIOFDmg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:36 GMT
server: cloudflare
etag: W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp3%2FmOfLrTqXazlOi564%2FDzG089k9Z4QMLnuWRThSGvncPs0o%2Bk86u7QCLvMsL8Qx0IJskEJVQvZZ3OKwZBZIsDf2jQD7hmJyLfymBtdSLBkknPKJWa6hR8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729196057447
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11922
cf-ray: 6a2f9de5df935440-LHR
expires: Sat, 23 Oct 2021 11:26:59 GMT

GET
DATA 200
OK truncated
/ Frame E6B5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aefeb2b7880e534845a3d8c0c9f190e81a790a7e01ea2d9d0bbf77c323f3de0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame B74D 64 KB
8 KB 29ms
29ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gg0m0kb2maqvzwv1fyxba2tfq8w2y5en50vw06dhatj54hk3ekxrpc7p6ma9dx7d0530dfvsdjqcrvhtrssjftabwyhf8m7c0jghq37a7wnpq58jtcacp1h2b82bmmtfzdfy8m6c565kh88n2f04asjd604w9bftanjpga1sn1ja80nvy07c9k0ke3fmdctp08dcyzeaj95r86k6f99hehsxm0dza1sqsd65sbfg6djfgwr2ysh1avhyz1q0p1ssf3hs6wchrcjseqa5fw3fh6wff1gjs2cxq692kmj8w6x1vavr7pa8weqw0n5x7aqnfjmcdhpsnmy3a41wrvyhpmkbxmq3znggv2kb3qe2h9ba007ccy8zdgc2ck44jzpt74pjw588mjw6tx1c4tzw92axvqpdgbk6qqwzttd38vgra2x4g6fm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gg0m0kb2maqvzwv1fyxba2tfq8w2y5en50vw06dhatj54hk3ekxrpc7p6ma9dx7d0530dfvsdjqcrvhtrssjftabwyhf8m7c0jghq37a7wnpq58jtcacp1h2b82bmmtfzdfy8m6c565kh88n2f04asjd604w9bftanjpga1sn1ja80nvy07c9k0ke3fmdctp08dcyzeaj95r86k6f99hehsxm0dza1sqsd65sbfg6djfgwr2ysh1avhyz1q0p1ssf3hs6wchrcjseqa5fw3fh6wff1gjs2cxq692kmj8w6x1vavr7pa8weqw0n5x7aqnfjmcdhpsnmy3a41wrvyhpmkbxmq3znggv2kb3qe2h9ba007ccy8zdgc2ck44jzpt74pjw588mjw6tx1c4tzw92axvqpdgbk6qqwzttd38vgra2x4g6fm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221146
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9de5ef995440-LHR
cf-bgj: minify

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame B74D 36 KB
13 KB 28ms
27ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gg0m0kb2maqvzwv1fyxba2tfq8w2y5en50vw06dhatj54hk3ekxrpc7p6ma9dx7d0530dfvsdjqcrvhtrssjftabwyhf8m7c0jghq37a7wnpq58jtcacp1h2b82bmmtfzdfy8m6c565kh88n2f04asjd604w9bftanjpga1sn1ja80nvy07c9k0ke3fmdctp08dcyzeaj95r86k6f99hehsxm0dza1sqsd65sbfg6djfgwr2ysh1avhyz1q0p1ssf3hs6wchrcjseqa5fw3fh6wff1gjs2cxq692kmj8w6x1vavr7pa8weqw0n5x7aqnfjmcdhpsnmy3a41wrvyhpmkbxmq3znggv2kb3qe2h9ba007ccy8zdgc2ck44jzpt74pjw588mjw6tx1c4tzw92axvqpdgbk6qqwzttd38vgra2x4g6fm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52462
x-guploader-uploadid: ADPycdsGbyqH92KB9gYtCivzOPmQZDeusqm-TzZaN9LqWpe_CowgzqtWxDprUA_219EgYDvXAKXlR5VCBiNW64dn67kLIOFDmg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:36 GMT
server: cloudflare
etag: W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPtGf6P3EJpY3IKuUUMyO%2B6bubqm2FO7xBhdvPWNxDyhtjRNNfogGNp9oCgB%2Fi3kaHbW2VfxVqwb495cPSNYZ0Zq1UYNsndoapWNWYnQ6aX3oqqYjd1W6O4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729196057447
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11922
cf-ray: 6a2f9de5ef9c5440-LHR
expires: Sat, 23 Oct 2021 11:26:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1715
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJjUoK8QEvRpAqP1O4a_vjpHO2i2T9djckN4uw...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTQGNRQUFCRzd2THoyNw&google_push=AYg5qPJjUoK8QEvRpAqP1O4a_vjpHO2i2T9djckN4uwDkeBsQUtdexfkMVnAEC08rwl-8_0twCYv7C-5FGushXldr6IvmjZx8k...

170 B
188 B

26ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTQGNRQUFCRzd2THoyNw&google_push=AYg5qPJjUoK8QEvRpAqP1O4a_vjpHO2i2T9djckN4uwDkeBsQUtdexfkMVnAEC08rwl-8_0twCYv7C-5FGushXldr6IvmjZx8kVHcA

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTQGNRQUFCRzd2THoyNw&google_push=AYg5qPJjUoK8QEvRpAqP1O4a_vjpHO2i2T9djckN4uwDkeBsQUtdexfkMVnAEC08rwl-8_0twCYv7C-5FGushXldr6IvmjZx8kVHcA
Date: Sun, 24 Oct 2021 02:01:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 1715 43 B
608 B 66ms
31ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEP5PTTP9R7FVHlt3spVNGhk&google_push=AYg5qPK6VFOQnuu8cKkokN-zPSRz-EXYVY4cC0wXzRh_l_nR9yyLnE5j_kd1ZsICPi7R_KRWRAz3c4p63PbfTnj2hpWYBko65Z4y&google_cver=1
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1715
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEMhG3hrP4Zpsu2a7bRNkn_I&google_cver=1&google_push=AYg5qPKeAMIFSKUNXh_IcwGJTBJaneuIo2zPHzGEQ_s8x4RUNo6JmZCkcLEaqEH4Hn_noQRlvjjFpEF9sb4wVUocrIvbTZAPtvku
https://rtb.openx.net/sync/dds?google_gid=CAESEMhG3hrP4Zpsu2a7bRNkn_I&google_cver=1&google_push=AYg5qPKeAMIFSKUNXh_IcwGJTBJaneuIo2zPHzGEQ_s8x4RUNo6JmZCkcLEaqEH4Hn_noQRlvjjFpEF9sb4wVUocrIvbTZAPtvku&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKeAMIFSKUNXh_IcwGJTBJaneuIo2zPHzGEQ_s8x4RUNo6JmZCkcLEaqEH4Hn_noQRlvjjFpEF9sb4wVUocrIvbTZAPtvku&google_hm=rUDctqwWzqAfslGUyACQZg==

170 B
188 B

27ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKeAMIFSKUNXh_IcwGJTBJaneuIo2zPHzGEQ_s8x4RUNo6JmZCkcLEaqEH4Hn_noQRlvjjFpEF9sb4wVUocrIvbTZAPtvku&google_hm=rUDctqwWzqAfslGUyACQZg==

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKeAMIFSKUNXh_IcwGJTBJaneuIo2zPHzGEQ_s8x4RUNo6JmZCkcLEaqEH4Hn_noQRlvjjFpEF9sb4wVUocrIvbTZAPtvku&google_hm=rUDctqwWzqAfslGUyACQZg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: mun61nhcnt8vnd9qccfn3uq93tnv229m

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1715
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

29ms
28ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJI4BJnz1vS5L24T9zaNeKgHp4YlJMGsO6LdO6O-aAKzE2GxMV9Rd9PFb_BWhvA-uYnoaXJcoVWxLOsBEw-3X429xAPdwcy5w

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJI4BJnz1vS5L24T9zaNeKgHp4YlJMGsO6LdO6O-aAKzE2GxMV9Rd9PFb_BWhvA-uYnoaXJcoVWxLOsBEw-3X429xAPdwcy5w
date: Sun, 24 Oct 2021 02:01:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK cma
dsum-sec.casalemedia.com/ Frame 1715 43 B
315 B 35ms
13ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1&google_push=AYg5qPJCNgWpKBJutTuGeGZlyv9lvklILKPU4kMhdyZtfyDVoYeUQyhqU_tDVcnsqKRr8GWLGlcs2tq-_kvLgAysfy0b1T1ko549
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 24 Oct 2021 02:01:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1715
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDZla6Cxry2rX-VwWDjsRHE&google_cver=1&google_push=AYg5qPKjiYKORAOGsbdazYaXt3L2AFitfFLbYVefxSMB3jr61JQp89frPCko8HtIeUccH7IMKONeNvhxRw_elw2NRoGqwUe...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKjiYKORAOGsbdazYaXt3L2AFitfFLbYVefxSMB3jr61JQp89frPCko8HtIeUccH7IMKONeNvhxRw_elw2NRoGqwUeb31aX&google_hm=VWO1NVodQKWWwlf_...

170 B
188 B

27ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKjiYKORAOGsbdazYaXt3L2AFitfFLbYVefxSMB3jr61JQp89frPCko8HtIeUccH7IMKONeNvhxRw_elw2NRoGqwUeb31aX&google_hm=VWO1NVodQKWWwlf_6Fp26A

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKjiYKORAOGsbdazYaXt3L2AFitfFLbYVefxSMB3jr61JQp89frPCko8HtIeUccH7IMKONeNvhxRw_elw2NRoGqwUeb31aX&google_hm=VWO1NVodQKWWwlf_6Fp26A
pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1715
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ53t9BbEzozgFQEGvq5Gm4&google_cver=1&google_push=AYg5qPLR2sD_wIsZmrTQlzuW...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLR2sD_wIsZmrTQlzuWr1Z793agFKbPZ1LU7j9X1x87v0tUeQIrqanj5PApSvmxzCsmYjmwWiyN2pJYqB3SvSP3-DWm2rHA9w&google_hm=

170 B
188 B

26ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLR2sD_wIsZmrTQlzuWr1Z793agFKbPZ1LU7j9X1x87v0tUeQIrqanj5PApSvmxzCsmYjmwWiyN2pJYqB3SvSP3-DWm2rHA9w&google_hm=

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLR2sD_wIsZmrTQlzuWr1Z793agFKbPZ1LU7j9X1x87v0tUeQIrqanj5PApSvmxzCsmYjmwWiyN2pJYqB3SvSP3-DWm2rHA9w&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 23 Oct 2021 02:01:21 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1715 0
12 B 26ms
25ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JIqLSGsdZZZoZjlgUR826hCjm4zMJ6GxDCEuULyGTmjiWQBUq8wAKX2UI7u8CLRDdV6mNxXQ

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/124751/4968253339/1632928725046/ Frame 2072 7 KB
3 KB 72ms
51ms Document
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/124751/4968253339/1632928725046/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

sffe /

Resource Hash

9d975d91fa2b388acb2915c8312419082bd8ef1f0822811c9d3b46bd5c90e912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/124751/4968253339/1632928725046/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2745
date: Sun, 24 Oct 2021 02:01:21 GMT
expires: Mon, 25 Oct 2021 02:01:21 GMT
last-modified: Wed, 29 Sep 2021 15:18:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 27E9 0
23 B 53ms
52ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvALBiuj9ihhBSJzXL-T5aRLQT2WFnmSM2RrMUuitXnJhK0SeOe8Bpam9NRIZLjIjjgxV0zL1GNB_00197VLgY53Wy86SZbZ8Yg-gyCupahlYlp8_3WzWP2UUJ5u3OeIIySvhvSJZplNacdLwGs3jukxXUVoFkFATfjOC_nefYJUvtlx6yB-yB7yGIjqEOMmWXDmCOkbhZeaZMW-X7RFOVBL2Kjzc0pdeY5nQfDdmHFWFhj-PAjWHxlsDca5WJ-CjAZJWU1S-f3rAheCDUh2Z0IvHfTmNaNcOHBMbgdc-cuHIr5nGemtp5zfDG-An1rOp-5rsH4h4b8yZyiyg&sig=Cg0ArKJSzBK8aXK-CeFlEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:01:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3E74 3 KB
4 KB 22ms
22ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 24 Oct 2021 02:01:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933393
x-guploader-uploadid: ADPycdsUBSwxHn4phaM_fSMzz8i8mhDMWYE4fTZXaieEYLTAiiTVYLRZgbXnHhlSIji6E0ietJ-1qYTcbg2dUf3sGaA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EN67o11Czka1CQ6a96Tk%2FFGojswCgc65%2BFF71PDiLew3gKC75MnTacPYA2KP9oEtjCa%2B5o6cIZdE7g73uCwVRyV4jYaNkEc%2BSQ065LAKCj8NR61659vk%2BoMXI8nN3cFVox2g65aG"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a2f9de60c8b40b3-LHR
expires: Thu, 13 Oct 2022 06:44:48 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 69F2 2 KB
2 KB 27ms
27ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UyU28B2efLnalLRJpp1c98cvyZKzhwanAq9kVA0wrp9DwnzPDrTmei-CKOE5AaTSC-WvgX_eUP8wMH2DdM5rYKGETrUOQ
expires: Sun, 24 Oct 2021 03:01:21 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2517967
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H08ksAsWXwosjuVDn%2FS%2B5jeSl4FLNncWxawDv2xyT3fU7b4DmlbJaJF%2Bn8oOiz0AirB6V2NWk9PEVHFQ%2F2W42ThJocyENRl5BjncvVbsG0LECtGap5NHChY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a2f9de62fc45440-LHR
content-encoding: br

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B74D 3 KB
4 KB 29ms
29ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 24 Oct 2021 02:01:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933393
x-guploader-uploadid: ADPycdsUBSwxHn4phaM_fSMzz8i8mhDMWYE4fTZXaieEYLTAiiTVYLRZgbXnHhlSIji6E0ietJ-1qYTcbg2dUf3sGaA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stds9En0E3YeP3g6Za8Ktg1UTKPXTEA%2BzKViDfTCTDKPx3piMAnftj3VJ9K2faSLOtLjw4NKtMrjVrC%2FTnTao19IEx0qAvjB2TEg0juEX%2FgZwC07ptVHny1ckhrKTSIa0%2FIhcXry"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a2f9de62c9640b3-LHR
expires: Thu, 13 Oct 2022 06:44:48 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 07EF 2 KB
2 KB 27ms
26ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UyU28B2efLnalLRJpp1c98cvyZKzhwanAq9kVA0wrp9DwnzPDrTmei-CKOE5AaTSC-WvgX_eUP8wMH2DdM5rYKGETrUOQ
expires: Sun, 24 Oct 2021 03:01:21 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2517967
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLcXu0tE3TYnHjO594ddJLlHpmCSBFoinIeu8v3JvP1ZG55G7nLuJT5YPlchDMUrGRZx3dwufNiTHjERejMN4ZjqQX13DFZJB2UaRmTQBbvZD%2FwVRfeuE1g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a2f9de62fcd5440-LHR
content-encoding: br

GET
H3 200 HYPE-736.thin.min.js Show response
s0.2mdn.net/dfp/124751/4968253339/1632928725046/ Frame 2072 55 KB
24 KB 59ms
59ms Script
text/javascript 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/124751/4968253339/1632928725046/HYPE-736.thin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/124751/4968253339/1632928725046/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

sffe /

Resource Hash

34660fe46d78c890b82dd7e19886dca4ce2c46d31b1b308ba9b81e53a9f1669e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/124751/4968253339/1632928725046/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24549
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 15:18:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 02:01:21 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 3E74 1 KB
2 KB 40ms
40ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28be698d1386d65a5ea173fdd602b083b521cbe29c7aef8f125e755be17f1f8e

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a2f9de6cff820ef-LHR
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3boehZb728Xy8S0%2Bd7DON%2B21eTM6wSYEj6ktEkP0wHd10T%2FUsYhTzQnKXzbjigjIb%2FMg6T4F1ecG%2BH49UR8WPvHRga6eu7wfXZmlc0kEyCfInU2GOxSzu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vw8k

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
43ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vw8k
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KL%2FLJuzE0s6VNKrbNmAwbrEE4oJrLeq0TawP4d7lFybLIGzoaSzse91kbZhC%2Fui6Apjs8Pv2VRQfkKS3Nt7N1NYCWzONuxMdxR3eHmPVHIiLzlzfsCXyeIY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2f9de68fc120ef-LHR

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 42ms
42ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vw8k
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wL%2B%2B6sCHTXEbvezzyzduZZ304QrZYjJHOPGnHTtYaxB4eOf99KOUKOx%2Bl9zq2GBtldcuTWzmDeQWD6KPSB41c%2FPKg826miyk78eKTa%2FKEs548zzujJus%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2f9de68fc720ef-LHR

POST
H3 200 rs Show response
ad4m.at/ Frame B74D 1 KB
2 KB 38ms
38ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 488be359211b65114dc11de3c2f567da5d39304d7a5b39c0787d01a6c7539f37

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a2f9de6cffa20ef-LHR
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwa98Z%2B%2BriHg%2FoxfMKvmVMmRW9Gzp989%2BEBiZ%2F9gC3TV4uPxkyVDRd%2B3yGFoJSHZ2mT32ZgpM1l6YiL52S3WlVJ69YXD1iRgEuEMCKG%2FyjTC274bLSbIzDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vw8k

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3BEB 51 KB
51 KB 7ms
7ms Script
application/javascript 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidYxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcroneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidxEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSAoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 74003
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 23 Oct 2021 05:27:59 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: pDAToY6gJgBkE_rzFUW85CX3XR7z3h4_cyHz9vGhdfXDIcKZtxk7sg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 3BEB 25 KB
26 KB 87ms
32ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidY8mhrf3fwBgTVH9HetQt1JWSATWt4WxTroneid&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C19769%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2CZxJfwfBf6A8UmHDHDt3tJQ2aVTXTx3qaJ%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C9jeTMfmfxKYFKHBH2tzCr7EhwTmTZY2Td%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=cbfd49d11b6876901c603c56bb21637a%2F9250993737144940825&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881114&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g3eh9p0wc0g7e55skq6s3tjbejqcsq3x4wbpnqrt7x4ncstt35eqf42adxbmd3k9f4sjet5cznh1fvzjpt581ftqmxajkevmtyajxvvc1h8bdsnjaaa7v1ejfsdf2t5pp9m5ebz4r1w3b2v8yksrd93eqj683j5vg8jb56tq1tkefpveht453ff3j1r4zz3dzs8vhmsh02jbfdhcak7ea36ns3amhb3mj1rqwvcfynwc5wkd9qsg43sy16b0mz57aq3cte3qyw80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCOVQXcL50YaS6Gq-Jx_AP4tybcJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NDNb8xURaKdF42vTm_0-9LH-ZXjGwPaupTAnqDAzZLDvOY8eVf5yf9OkZLrXSQ87AYPPk_sHmGtMsh1qHrzay3cgBf84pxwwauaBklVXTa0I_EUTOwZMvuofuWZ6J5EOmTUwlrzvvfwBm1TPB25G8szhLC-SZHcHorn00jFq9Dx4HARbgCnoNxuVHmuihpqtu2z2WPGwpEU3RQmsk38r_TO24ekqZGRPUInMF92DM-KHHM1otx2qULc2PweRM2vEDWwYTCN8orgBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3RlwEElVfQKHI2vEWE2pAxDZnQsg%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:21 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:21 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 container.html Show response
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E321 6 KB
3 KB 24ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ktar.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ktar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:01:19 GMT
expires: Mon, 24 Oct 2022 02:01:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 206 2021.09%20--%20Day%20%26%20Night%20Call%20Early%20Early%20Bird%20Special.mp4
s0.2mdn.net/dfp/124751/4968253339/1632928725046/ Frame 2072 110 KB
110 KB 48ms
48ms Media
video/mp4 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/124751/4968253339/1632928725046/2021.09%20--%20Day%20%26%20Night%20Call%20Early%20Early%20Bird%20Special.mp4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/124751/4968253339/1632928725046/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

sffe /

Resource Hash

62379d9a57aefb1817995957935caa68902b457ad240d9aab95fc787c6dea932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/124751/4968253339/1632928725046/index.html
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-112669/112670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Content-Length: 112670
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 15:18:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Oct 2021 02:01:21 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2B84 7 KB
4 KB 44ms
44ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e631b8c66d6cf1ad8bf6583c2da9131331d81e59ee661b81bc1ef196d1fffc1b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1gg0m0kb2maqvzwv1fyxba2tfq8w2y5en50vw06dhatj54hk3ekxrpc7p6ma9dx7d0530dfvsdjqcrvhtrssjftabwyhf8m7c0jghq37a7wnpq58jtcacp1h2b82bmmtfzdfy8m6c565kh88n2f04asjd604w9bftanjpga1sn1ja80nvy07c9k0ke3fmdctp08dcyzeaj95r86k6f99hehsxm0dza1sqsd65sbfg6djfgwr2ysh1avhyz1q0p1ssf3hs6wchrcjseqa5fw3fh6wff1gjs2cxq692kmj8w6x1vavr7pa8weqw0n5x7aqnfjmcdhpsnmy3a41wrvyhpmkbxmq3znggv2kb3qe2h9ba007ccy8zdgc2ck44jzpt74pjw588mjw6tx1c4tzw92axvqpdgbk6qqwzttd38vgra2x4g6fm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%26client%3Dca-pub-5965569640055032%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gg0m0kb2maqvzwv1fyxba2tfq8w2y5en50vw06dhatj54hk3ekxrpc7p6ma9dx7d0530dfvsdjqcrvhtrssjftabwyhf8m7c0jghq37a7wnpq58jtcacp1h2b82bmmtfzdfy8m6c565kh88n2f04asjd604w9bftanjpga1sn1ja80nvy07c9k0ke3fmdctp08dcyzeaj95r86k6f99hehsxm0dza1sqsd65sbfg6djfgwr2ysh1avhyz1q0p1ssf3hs6wchrcjseqa5fw3fh6wff1gjs2cxq692kmj8w6x1vavr7pa8weqw0n5x7aqnfjmcdhpsnmy3a41wrvyhpmkbxmq3znggv2kb3qe2h9ba007ccy8zdgc2ck44jzpt74pjw588mjw6tx1c4tzw92axvqpdgbk6qqwzttd38vgra2x4g6fm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de718575440-LHR
content-encoding: br

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6AD7 7 KB
4 KB 44ms
44ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6888a2ad35d9d5dcc3e6a916a8a05d6bd55618b690b2d2e088ccf41a5b90d0d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1g1qvb7ppjvj763fy9nqpth0m9y143ae1e086qt8cny8128v0cypzq6pefbh5cvmad68p16cczcynzja2yq8p1hynd4bsjjexxyzee186cfae34fn1hdj7r91n15pmkn97bbxzh4f4xtbxwwp7xey136b6dywgbkw3cdmbyraj1c07etvk7z1vesgh5re2g140cw8scdz26fcn3yxw78ezwysj51s0v1zsv33j23yk93ces3e9hqr99bb36e96mx8wppyysxa8nngcv0cmgsp167pp283wpf08w78rf1qtgsrzr01mav1twv1vzwdp6p0ny6f7sjr7k2t22b5zc8pe5aneeze66rc1mg41nrmjbnwvb7r72s7ad43hfm3qyrvjyvav6yxt88he91947bjvt40g2yc0jhz0jwx11wmq2xk64f28sdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%26client%3Dca-pub-5965569640055032%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g1qvb7ppjvj763fy9nqpth0m9y143ae1e086qt8cny8128v0cypzq6pefbh5cvmad68p16cczcynzja2yq8p1hynd4bsjjexxyzee186cfae34fn1hdj7r91n15pmkn97bbxzh4f4xtbxwwp7xey136b6dywgbkw3cdmbyraj1c07etvk7z1vesgh5re2g140cw8scdz26fcn3yxw78ezwysj51s0v1zsv33j23yk93ces3e9hqr99bb36e96mx8wppyysxa8nngcv0cmgsp167pp283wpf08w78rf1qtgsrzr01mav1twv1vzwdp6p0ny6f7sjr7k2t22b5zc8pe5aneeze66rc1mg41nrmjbnwvb7r72s7ad43hfm3qyrvjyvav6yxt88he91947bjvt40g2yc0jhz0jwx11wmq2xk64f28sdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de718595440-LHR
content-encoding: br

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E321 0
0 54ms
54ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXbt_cb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoExgFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUD4r8KOgIYCcwHLPwTuU6P3WWvgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU5NjU1Njk2NDAwNTUwMzIYz84H&sigh=3h-l6UIW_Oo&uach_m=[UACH]&cid=CAQSOwCNIrLMx25hYEd8JcIY9adEmlaGqcHyXeFRcEuEWRQO8EDT3thsBTVE4jY1D3JqVAlcLmGTGPg6S0kVGAE
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E321 0
0 23ms
23ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hs4by3q9899z2jy7xnpn0v96mgkg6hxrc8mtsx7md5cqchv1rxg742s23m6nf2c6eqtbf3ktjsjrb8gkvtzy53twngts6cjkmj4bp4rncc4nyx3ng770cwh29ceenc9cp1hqvfr41t58t0d8ntsg3h3yd696bvfxj88d0sr8f3gxarzz7xht3xbjgtqrxz6v2zh88p42dt4b31asfdfwqjk0kg09vmtnbypy7mtaedyxk1c9sfrjb5emfejrggx22ed88zwhq0eqwj4dcvtysatb8w3bgny9jw1x5ehaxg2ex9nz84h4threp0b4y6ve2x3t259ryask41nsx3c36n0w3mdkfwnrhkd6mypzndvxz81nrtb73kj78xeee30z8r71wmcevbe82w4&b=YXS-cQAFkowKe7dVAADdcHEPRqt8n806S-sMsA
Requested by: Host: ktar.com
URL: https://ktar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 8AE3 2 KB
2 KB 43ms
43ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jdn255ya7e6g9zra2ej99bw1qey2vfb374q7j6n37w5mmmbs9jxejzdeg0whnnpfqg2we64j7k4np4tcwj97n0c40zxrzc1rphcnjk2njsfnsvjfgxzc26ab4g78xrermzgx6a4j55pbwvygbb4srwcte8b54fmwvhf1a1w7a4xb1wrwtjqnsmyz7r39pzqcv56zwqsxpw4sqca7z1c20cgnq3sgv6dbpb84aaja7agkxw8yb0v1bmshfd74jwae2a0n771qxhrt0f6jgcdt18fsa331a4w3j7ctyswac77tkamkpp59sz39x1pgc6rqfzvtcrx90ackbxaavpskbj7awa0w9tzggjqqqxpdta9xs7fbza1m12ntangmtb8s3kvtg3q09em52yx15m8a6zb28dpqr89avhwwvxv8sc7ga4jm3qhg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%26client%3Dca-pub-5965569640055032%26adurl%3D

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7544e1dbf7873dca1fc645ecb23f25e5653fbc9e634944cc3e89b5e74b439ec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1jdn255ya7e6g9zra2ej99bw1qey2vfb374q7j6n37w5mmmbs9jxejzdeg0whnnpfqg2we64j7k4np4tcwj97n0c40zxrzc1rphcnjk2njsfnsvjfgxzc26ab4g78xrermzgx6a4j55pbwvygbb4srwcte8b54fmwvhf1a1w7a4xb1wrwtjqnsmyz7r39pzqcv56zwqsxpw4sqca7z1c20cgnq3sgv6dbpb84aaja7agkxw8yb0v1bmshfd74jwae2a0n771qxhrt0f6jgcdt18fsa331a4w3j7ctyswac77tkamkpp59sz39x1pgc6rqfzvtcrx90ackbxaavpskbj7awa0w9tzggjqqqxpdta9xs7fbza1m12ntangmtb8s3kvtg3q09em52yx15m8a6zb28dpqr89avhwwvxv8sc7ga4jm3qhg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%26client%3Dca-pub-5965569640055032%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de7185b5440-LHR
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame E321 3 KB
1 KB 21ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:30:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4832 1 KB
749 B 16ms
16ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 18:26:41 GMT
expires: Sun, 24 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27280
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E321 120 KB
37 KB 32ms
32ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:01:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame E321 14 KB
6 KB 21ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:36:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E321 0
0 30ms
30ms Image
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_6wTUWRM8K5bKFbUfiXq-i6Kw7bNL_Z2nB0g4Lx1EuYlgk2FR9qtXVgzl5gWPa_vbeyGROnb6NI7v-f-Nb8O9JCEiOw
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E321 22 KB
7 KB 21ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 16:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 16:23:19 GMT

GET
DATA 200
OK truncated
/ Frame E321 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 888fae75611f1424ab2903529a6c4b5610d3f6be56d27beaea143bdc40b48870

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 27E9 0
0 70ms
49ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgoDBYxScnACw7PbyWTf_hnNPPo1DncSVXbO-GLb0Akt4tTSgg26cVKwIgO-FYwyKanA7P2Z-tzHOaJGRY-5B06s4yS5wvOOoUFD_WpStNknW42OEx4_uTD5JosNyAcCZRvVhle9PMKM8GSAvKf0FAXnxgkyiKU_HHLQIoWu7QEauSPLWVAgeqpDGcr3r3Sr0SUeQKHflPywQUoX9PZywtOVqkRG8jHbHhjfURFK-RMoxXyNnYQOnqZgzbVUmJ5pw0cyDpWlsKUISGaBDITJMwpJFxlsGaie3Z8U3ihlhJr__Lf_DKvcDyAt5iUy6IywbsJlaG6UDlvWc62YiO&sig=Cg0ArKJSzH_IPemqkLLhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:01:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 24 Oct 2021 02:01:21 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 2B84 64 KB
8 KB 28ms
28ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221146
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9de8793e5440-LHR
cf-bgj: minify

GET
H3 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 2B84 12 KB
13 KB 27ms
26ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277067
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdtvTw-vfiI56uB3wtaagxBSx6kG5Z2-say4fHfytSL9WOMGAKpGcONdq70MMW7flvliqU5mGJgPTSl16qu-m-sCTsA0Vw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy05aMyvV64FOaM%2B5f%2F3OWx%2FoXMhE7dCM53gl4yojQThZzy2Meb5G3XkFlgmwF7l4xd7zGPv4SXA49KZgFi2LG5NgTB9CMwn2syGO%2BYk5vcs07f%2FomEjDrS%2BBKZvInTK"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:21 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6a2f9de8793f5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 2B84 10 KB
11 KB 30ms
29ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290642
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdtlHqQMHE5KHtMMKqqauTcwx7zbgBw-5KalA7Sy7EY7eksOqwbJWm0wvhNNKJKG3zDVvls4eFbL2BQvYz2HrUFQs0ypCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rV4Fu0xqdstENDeOWcYTiSWS9eYaeiP8LMo0gFfY2qm7d5tspBTtC9Cr5rwbuickBukGIPIGceY7nEbHTxcuVWSdecnGen4hybjfkZcsMp9Uj7cQrqUBk%2FOVNlgXyj48"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 6a2f9de879405440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 2B84 8 KB
9 KB 34ms
33ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277087
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsHCApW0lOlefku3GjA7I0qCCp15e9jDB4yO4RzQRIHB5G9jjxHwswHAZwkzHHhj3idzl-_-C3_ePUuPo1szhNqhnn76A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5sffDUvCrsE4t0f%2BAvWKTIc5W2kTd0SpMcq8ZDbq%2BOQORQYhlx8EiVXgfflOzGnbBGczvPd4AxxON%2FE%2BgF%2BzEd4L%2BFVXQG7Y6AOe%2FTnAW0lUjj6J4PbXFyIsAU6nada"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6a2f9de879415440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 2B84 30 KB
30 KB 30ms
29ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933388
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdsJ2Us9hfCbsZ5CITOmHq-7wG4TeM1v6jA4Xp8EXdxIkw3EjFX7SC4jfzs-gnuBR8uV8172DkEJ69fPU8m-csM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqsHp%2F05%2FJ%2B9ziS4XDwQVNed4fp9oYY4sf6OHQ4I6tkeJqG7CEqAhCRnsetq7Kdznxsdjh2aQibOTkReUHUE%2FPEGZoc%2FizDOOjsw5MS1ii%2BjrxwHmDRJ05uK9WoBwLI7"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6a2f9de879435440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 2B84
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPCN3Pf54fMCFX-K_QcdHOYHMQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040882_494b20b0-346e-11ec-bb42-2234d33d3970

0
516 B

11ms
11ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040882_494b20b0-346e-11ec-bb42-2234d33d3970
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0

Redirect headers

Date: Sun, 24 Oct 2021 02:01:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040882_494b20b0-346e-11ec-bb42-2234d33d3970
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 2B84 6 KB
7 KB 34ms
33ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276983
cf-polished: origFmt=png, origSize=17428
x-guploader-uploadid: ADPycduEjOT4vTxBjSvC6bd-vQx0NVSNAaTB67vUxynUBdCJlajRIvYPgOvFBwp_afWzxb-uD5vtpk3LF0rTcK0rmtqdY1IYmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6390
last-modified: Wed, 18 Aug 2021 10:34:33 GMT
server: cloudflare
etag: "26c84ef9c719f5cf615a799a8667d2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRCVTjLJy4K8FgkDHRTRROVT3y%2BMr1pZP3%2BMDosfKutBLe9pCVl0YCbDVTHgDgNs%2FCg2XozPKZmGn%2FYCjqdTHtg2N5fm%2F9jZGBHYnokbj0wLiYMtX1xvnndcsA3YyaLe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629282873725600
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 17428
accept-ranges: bytes
cf-ray: 6a2f9de879465440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 2B84 28 KB
29 KB 29ms
28ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020525
cf-polished: qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid: ADPycdvLLur8lBkGkcquGrC4NKeaWwPa006KmwCKgUOQETOuiFtUjog6fvwBpWz2ivyIQDEciQ6vhUXt53vvgQPS_aE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28448
last-modified: Tue, 03 Aug 2021 12:47:14 GMT
server: cloudflare
etag: "6d92776609fcae3d35627b3987f9b1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USINdw1wuaIr3UPzNok%2FkfajaWD7ZKdvVVuE4jHmQyqP9LZlSHwopYh5CGeTuk62dDuW0pfgeo3%2BiixWDUoq0SIm0l65xMOxyQyRRhNThPjGC0yEtY5XsLIvL5kJ3iXL"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627994834652806
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 82379
accept-ranges: bytes
cf-ray: 6a2f9de879485440-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 tsv
neso.r.niwepa.com/ts/i5542019/ Frame 2B84 43 B
469 B 26ms
25ms Image
image/gif 35.187.117.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneid5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.187.117.15 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.117.187.35.bc.googleusercontent.com

Software

nginx/1.13.9 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
last-modified: Sun, 24 Oct 2021 02:01:21 GMT
server: nginx/1.13.9
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 6AD7 64 KB
8 KB 38ms
38ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221147
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9de879495440-LHR
cf-bgj: minify

GET
H3 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 6AD7 12 KB
13 KB 34ms
34ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277068
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdtvTw-vfiI56uB3wtaagxBSx6kG5Z2-say4fHfytSL9WOMGAKpGcONdq70MMW7flvliqU5mGJgPTSl16qu-m-sCTsA0Vw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6w3lw7wHHPg2PZz0C5QP83c3E5q71XtNbXWToAmXtpy2OOduu%2Bcu%2BJ7d6Tem5kEOhBMUGQx2ZAgI%2Br16kviF8QbS0I27PDpxr7zqJJkUgLVzj40%2BH2wHKOV%2Bv%2Bj2yNX"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6a2f9de8794a5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 6AD7 10 KB
11 KB 30ms
29ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290642
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdtlHqQMHE5KHtMMKqqauTcwx7zbgBw-5KalA7Sy7EY7eksOqwbJWm0wvhNNKJKG3zDVvls4eFbL2BQvYz2HrUFQs0ypCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4icM7oP8t4tTV0chkAo8WvnxDIjHf2UHlLJq7Mp%2FHGJAaFqE7oNNQndhco9zYB%2BGRK0W2NJlFohASoj9jLBB7W4gHoITFsj4VNXw4aIuRSAbSj51ppodlcl1WPNb%2BoF"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 6a2f9de8794b5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 6AD7 8 KB
9 KB 35ms
35ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277087
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsHCApW0lOlefku3GjA7I0qCCp15e9jDB4yO4RzQRIHB5G9jjxHwswHAZwkzHHhj3idzl-_-C3_ePUuPo1szhNqhnn76A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xt2f77LLoU3dSyYae5eIYGXj5439XI67YVzQ%2F%2FyAZMa%2FwqGG7G3MmJ35ULzvm5Zl2SKMfhxOOAR88DY7TV9kyo54StuXiNcWiPSwUJx2mJNvAs5MLZXCeCJ%2BgwppzIP9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6a2f9de8794d5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 6AD7 30 KB
30 KB 32ms
31ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933388
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdsJ2Us9hfCbsZ5CITOmHq-7wG4TeM1v6jA4Xp8EXdxIkw3EjFX7SC4jfzs-gnuBR8uV8172DkEJ69fPU8m-csM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geklYUJHtec1fZ58erhdFiQqgEKwSZKgS8ZhUNraVQCUkiUwHi7UWwkSs7JkPIH42cODFj1obEEiZ2%2F2GqjCGK4La8GReWMpyWGrLqon06S8i049V8CVPinDlytJET6q"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 6a2f9de879505440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 6AD7
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPrK3Pf54fMCFVPsuwgdpncGGA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040882_493b1b20-346e-11ec-b9be-2230dce87953

0
516 B

11ms
11ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040882_493b1b20-346e-11ec-b9be-2230dce87953
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:21 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

Redirect headers

Date: Sun, 24 Oct 2021 02:01:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635040882_493b1b20-346e-11ec-b9be-2230dce87953
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 6AD7 6 KB
7 KB 33ms
33ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276983
cf-polished: origFmt=png, origSize=17428
x-guploader-uploadid: ADPycduEjOT4vTxBjSvC6bd-vQx0NVSNAaTB67vUxynUBdCJlajRIvYPgOvFBwp_afWzxb-uD5vtpk3LF0rTcK0rmtqdY1IYmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6390
last-modified: Wed, 18 Aug 2021 10:34:33 GMT
server: cloudflare
etag: "26c84ef9c719f5cf615a799a8667d2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vO6uBevYC1XqLNCnYHwpFRk4tSXwizlpWZSHo%2BU%2BCGTFmxwI3Gerl2XVsMqqMmicoQcxONWMk6tLWZM7%2Bx6FI0So6I4fgu3POsRGQe0P3pID%2FJpXxs0nLaJqI5LEX08"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629282873725600
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 17428
accept-ranges: bytes
cf-ray: 6a2f9de879525440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 6AD7 28 KB
29 KB 32ms
31ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020525
cf-polished: qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid: ADPycdvLLur8lBkGkcquGrC4NKeaWwPa006KmwCKgUOQETOuiFtUjog6fvwBpWz2ivyIQDEciQ6vhUXt53vvgQPS_aE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28448
last-modified: Tue, 03 Aug 2021 12:47:14 GMT
server: cloudflare
etag: "6d92776609fcae3d35627b3987f9b1e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjbzdrSzbq0rYXWQZ%2F11OdKyLKXBw4jKhOA3vkgCVUM%2FuHMKR31WnvHYWO39bvpA5%2BpzOApTJwoo%2BYu%2B6poOgsNe3rUnGnSKmY4xJVp1AmupjC%2FtEpgB2oXZn1hLUx%2B8"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627994834652806
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 82379
accept-ranges: bytes
cf-ray: 6a2f9de879535440-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 tsv
neso.r.niwepa.com/ts/i5542019/ Frame 6AD7 43 B
469 B 25ms
25ms Image
image/gif 35.187.117.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.187.117.15 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.117.187.35.bc.googleusercontent.com

Software

nginx/1.13.9 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
last-modified: Sun, 24 Oct 2021 02:01:21 GMT
server: nginx/1.13.9
p3p: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame 4832 42 B
316 B 32ms
30ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLYM_3bydJBc2shl14QLBSMeO3uzBt1lLZpcleJ4HWUkMM1UvQNCEKu9YgA4eidh-_EzYlfp3nSDfZtlo3-mwvcIhb2Uv_w&google_gid=CAESEGqnl6nHQt8_Yusb0XCHbOc&google_cver=1
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:01:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4832
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKGsNr_...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKGsNr_...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjQwMjAxMjIwMDA1NDA4MjYwNTkwNg%3D%3D&google_push=AYg5qPKGsNr_6_rgHo3Ot61se1iSjHlxa0_necmBMbmYmhx0pjpliBEcpQKcsM0x49hP3i...

170 B
188 B

30ms
29ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjQwMjAxMjIwMDA1NDA4MjYwNTkwNg%3D%3D&google_push=AYg5qPKGsNr_6_rgHo3Ot61se1iSjHlxa0_necmBMbmYmhx0pjpliBEcpQKcsM0x49hP3iBAJ7wHScAV9Ww10pXItmckAS8b76Ov

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMjQwMjAxMjIwMDA1NDA4MjYwNTkwNg%3D%3D&google_push=AYg5qPKGsNr_6_rgHo3Ot61se1iSjHlxa0_necmBMbmYmhx0pjpliBEcpQKcsM0x49hP3iBAJ7wHScAV9Ww10pXItmckAS8b76Ov
pragma: no-cache
date: Sun, 24 Oct 2021 02:01:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 24 Oct 2021 02:01:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4832
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEMhG3hrP4Zpsu2a7bRNkn_I&google_cver=1&google_push=AYg5qPIAMrPOgeuY4XDFfXObuiZgR6T5lZi8_DuOAl0MNgFWvA5Oy7qpr2JLUNltu2nwddis11eaUTE-ESyzUc5Vy9eGWVJBjlhV
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIAMrPOgeuY4XDFfXObuiZgR6T5lZi8_DuOAl0MNgFWvA5Oy7qpr2JLUNltu2nwddis11eaUTE-ESyzUc5Vy9eGWVJBjlhV&google_hm=rUDctqwWzqAfslGUyACQZg==

170 B
188 B

28ms
28ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIAMrPOgeuY4XDFfXObuiZgR6T5lZi8_DuOAl0MNgFWvA5Oy7qpr2JLUNltu2nwddis11eaUTE-ESyzUc5Vy9eGWVJBjlhV&google_hm=rUDctqwWzqAfslGUyACQZg==

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:21 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIAMrPOgeuY4XDFfXObuiZgR6T5lZi8_DuOAl0MNgFWvA5Oy7qpr2JLUNltu2nwddis11eaUTE-ESyzUc5Vy9eGWVJBjlhV&google_hm=rUDctqwWzqAfslGUyACQZg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tja366pe0fu5m7ajdnorrk4nt9pt2lr7

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4832
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
27ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLSxi6lCC_1vNgT4Q_XrD1uaFyQUd-R2Im3oP9LDRIUAe_kRSV7DxVxHwOwJ8Wk98O_xWRTlx6sJ8irQQfMSKoUdTNQILhI

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a3BVUASXRJiYm_yjhmWQNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLSxi6lCC_1vNgT4Q_XrD1uaFyQUd-R2Im3oP9LDRIUAe_kRSV7DxVxHwOwJ8Wk98O_xWRTlx6sJ8irQQfMSKoUdTNQILhI
date: Sun, 24 Oct 2021 02:01:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK cma
dsum-sec.casalemedia.com/ Frame 4832 43 B
315 B 11ms
10ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1&google_push=AYg5qPL0Tj1j6jMMYWcfLXbP05iUSSX5-gFX5bS6hj1bNje4-DFuTWVTev4rx1ATDnOesWOnOM2AAalCbbQTRtEkrfCG7Tk53ojx
Requested by: Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 24 Oct 2021 02:01:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4832
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDZla6Cxry2rX-VwWDjsRHE&google_cver=1&google_push=AYg5qPLP0E8B9i68ye7dyiSEVgHctM2eDXOzHTSRKiy7og0-_LMcIRDGuUTptrqRkMV_gGpGVnvK2Wi9Vd7Epp2qiSCCvHP...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLP0E8B9i68ye7dyiSEVgHctM2eDXOzHTSRKiy7og0-_LMcIRDGuUTptrqRkMV_gGpGVnvK2Wi9Vd7Epp2qiSCCvHPEqUza&google_hm=VWO1NVodQKWWwlf_...

170 B
188 B

29ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLP0E8B9i68ye7dyiSEVgHctM2eDXOzHTSRKiy7og0-_LMcIRDGuUTptrqRkMV_gGpGVnvK2Wi9Vd7Epp2qiSCCvHPEqUza&google_hm=VWO1NVodQKWWwlf_6Fp26A

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLP0E8B9i68ye7dyiSEVgHctM2eDXOzHTSRKiy7og0-_LMcIRDGuUTptrqRkMV_gGpGVnvK2Wi9Vd7Epp2qiSCCvHPEqUza&google_hm=VWO1NVodQKWWwlf_6Fp26A
pragma: no-cache
date: Sun, 24 Oct 2021 02:01:22 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4832
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ53t9BbEzozgFQEGvq5Gm4&google_cver=1&google_push=AYg5qPLNpf0KycHI5u0TqetS...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLNpf0KycHI5u0TqetSZgdSORLvj4fdWzrXIjAQTJmtnAiwfiMZvWIm6vuyxiXzTRHakU--KTzoEHrPtwZAZoAL7rMXWUtbhw&google_hm=

170 B
188 B

28ms
27ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLNpf0KycHI5u0TqetSZgdSORLvj4fdWzrXIjAQTJmtnAiwfiMZvWIm6vuyxiXzTRHakU--KTzoEHrPtwZAZoAL7rMXWUtbhw&google_hm=

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:22 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLNpf0KycHI5u0TqetSZgdSORLvj4fdWzrXIjAQTJmtnAiwfiMZvWIm6vuyxiXzTRHakU--KTzoEHrPtwZAZoAL7rMXWUtbhw&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 23 Oct 2021 02:01:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4832 0
12 B 26ms
25ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFKyEoUxNNQJdPq3F91k3Ofku6NVonq_vM5siym4p5ekE0Ts3iYDEOgOrX1VjzrFkH_KtwUA

Requested by

Host: dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
URL: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 8AE3 64 KB
8 KB 35ms
35ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jdn255ya7e6g9zra2ej99bw1qey2vfb374q7j6n37w5mmmbs9jxejzdeg0whnnpfqg2we64j7k4np4tcwj97n0c40zxrzc1rphcnjk2njsfnsvjfgxzc26ab4g78xrermzgx6a4j55pbwvygbb4srwcte8b54fmwvhf1a1w7a4xb1wrwtjqnsmyz7r39pzqcv56zwqsxpw4sqca7z1c20cgnq3sgv6dbpb84aaja7agkxw8yb0v1bmshfd74jwae2a0n771qxhrt0f6jgcdt18fsa331a4w3j7ctyswac77tkamkpp59sz39x1pgc6rqfzvtcrx90ackbxaavpskbj7awa0w9tzggjqqqxpdta9xs7fbza1m12ntangmtb8s3kvtg3q09em52yx15m8a6zb28dpqr89avhwwvxv8sc7ga4jm3qhg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%26client%3Dca-pub-5965569640055032%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jdn255ya7e6g9zra2ej99bw1qey2vfb374q7j6n37w5mmmbs9jxejzdeg0whnnpfqg2we64j7k4np4tcwj97n0c40zxrzc1rphcnjk2njsfnsvjfgxzc26ab4g78xrermzgx6a4j55pbwvygbb4srwcte8b54fmwvhf1a1w7a4xb1wrwtjqnsmyz7r39pzqcv56zwqsxpw4sqca7z1c20cgnq3sgv6dbpb84aaja7agkxw8yb0v1bmshfd74jwae2a0n771qxhrt0f6jgcdt18fsa331a4w3j7ctyswac77tkamkpp59sz39x1pgc6rqfzvtcrx90ackbxaavpskbj7awa0w9tzggjqqqxpdta9xs7fbza1m12ntangmtb8s3kvtg3q09em52yx15m8a6zb28dpqr89avhwwvxv8sc7ga4jm3qhg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%26client%3Dca-pub-5965569640055032%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221147
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9de889595440-LHR
cf-bgj: minify

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 8AE3 36 KB
13 KB 32ms
32ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jdn255ya7e6g9zra2ej99bw1qey2vfb374q7j6n37w5mmmbs9jxejzdeg0whnnpfqg2we64j7k4np4tcwj97n0c40zxrzc1rphcnjk2njsfnsvjfgxzc26ab4g78xrermzgx6a4j55pbwvygbb4srwcte8b54fmwvhf1a1w7a4xb1wrwtjqnsmyz7r39pzqcv56zwqsxpw4sqca7z1c20cgnq3sgv6dbpb84aaja7agkxw8yb0v1bmshfd74jwae2a0n771qxhrt0f6jgcdt18fsa331a4w3j7ctyswac77tkamkpp59sz39x1pgc6rqfzvtcrx90ackbxaavpskbj7awa0w9tzggjqqqxpdta9xs7fbza1m12ntangmtb8s3kvtg3q09em52yx15m8a6zb28dpqr89avhwwvxv8sc7ga4jm3qhg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%26client%3Dca-pub-5965569640055032%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date: Sun, 24 Oct 2021 02:01:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52463
x-guploader-uploadid: ADPycdsGbyqH92KB9gYtCivzOPmQZDeusqm-TzZaN9LqWpe_CowgzqtWxDprUA_219EgYDvXAKXlR5VCBiNW64dn67kLIOFDmg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 11:26:36 GMT
server: cloudflare
etag: W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOgVGLY5T%2BOKbB3zwfLef9oStTzP%2BamjpMmsrrr3mtjDNOZzGC8MOtCn6pHFy9yXuopnsU1Ni%2FJ6lj%2Fz3J8tFxIWLFZSQkjTmKPb2NSD14K%2F4r%2FzzLUC0YU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634729196057447
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11922
cf-ray: 6a2f9de8895b5440-LHR
expires: Sat, 23 Oct 2021 11:26:59 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 2B84 1 KB
2 KB 162ms
105ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 0318a1b7571f5c2204b1b33b99598e91d987e8aa730f94395693a23689836683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:22 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1306
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 6AD7 1 KB
2 KB 159ms
104ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: d9756cb4924f103c0b6599af037359ef5545e4e70acb250a2fd7a795920ad519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:22 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1395
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8AE3 3 KB
4 KB 24ms
23ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933394
x-guploader-uploadid: ADPycdsUBSwxHn4phaM_fSMzz8i8mhDMWYE4fTZXaieEYLTAiiTVYLRZgbXnHhlSIji6E0ietJ-1qYTcbg2dUf3sGaA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUgggxrCTnxbChyrMV7JkW8G7F4Sik8KLcO9zNz3HmKomsVJxwGFrg4%2F0BjOHwx0i3iJCI5y%2Fj%2BT2T26vBG7b%2FEcZwnhUY6ElHjxMTsqnjPqlcjqwhy6A8kXLNCGOjzvKvagATec"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6a2f9de8ce7240b3-LHR
expires: Thu, 13 Oct 2022 06:44:48 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 3F8C 2 KB
2 KB 27ms
27ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UyU28B2efLnalLRJpp1c98cvyZKzhwanAq9kVA0wrp9DwnzPDrTmei-CKOE5AaTSC-WvgX_eUP8wMH2DdM5rYKGETrUOQ
expires: Sun, 24 Oct 2021 03:01:22 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2517968
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F713OLsJ3np9MoXbxY%2Fwhsey%2FCxI9ZPz9qnhzP64gTRSc8tj1wiVQdW1zDnkOjG%2FV2brdTYRtCQXSJp0yvOJTt8CpnbUgYXhoH565RaCig0qCJlQrSYbGGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a2f9de8c99b5440-LHR
content-encoding: br

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 39ms
39ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-vw8k
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHPWE2GhTaQEEKzUyQAkhBCJSXrMp4qAIlUQ8%2FjFHmYeDMB9QP0huTXgeQi4uw06eUP4n5UFCj%2BZLC2B1NTP41fm2DPqfqucQod88F3n0K5N8rLakwQ%2F%2FVY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2f9de9096820ef-LHR

POST
H3 200 rs Show response
ad4m.at/ Frame 8AE3 1 KB
2 KB 40ms
40ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2d72c1bdd8386e80e4b57be5a95c230ca6d46384e8dd2c049299ce73073644

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6a2f9de9498f20ef-LHR
date: Sun, 24 Oct 2021 02:01:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2gYoCkbY0vvgLMfcARjRi3s2CCHUl80wxvoW4FtPMYpajY35i4tGGvIXcrqsTDI9f3773lv2pQUNM67oa3lKWLjyCiW%2Bz%2FUSH2el8Wkche5dGYi2JP5les%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-vw8k

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1E8F 6 KB
4 KB 47ms
47ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae310bc89196b144d3417815b62134d10250febba08ff49feb89cfddd18c136

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1jdn255ya7e6g9zra2ej99bw1qey2vfb374q7j6n37w5mmmbs9jxejzdeg0whnnpfqg2we64j7k4np4tcwj97n0c40zxrzc1rphcnjk2njsfnsvjfgxzc26ab4g78xrermzgx6a4j55pbwvygbb4srwcte8b54fmwvhf1a1w7a4xb1wrwtjqnsmyz7r39pzqcv56zwqsxpw4sqca7z1c20cgnq3sgv6dbpb84aaja7agkxw8yb0v1bmshfd74jwae2a0n771qxhrt0f6jgcdt18fsa331a4w3j7ctyswac77tkamkpp59sz39x1pgc6rqfzvtcrx90ackbxaavpskbj7awa0w9tzggjqqqxpdta9xs7fbza1m12ntangmtb8s3kvtg3q09em52yx15m8a6zb28dpqr89avhwwvxv8sc7ga4jm3qhg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%26client%3Dca-pub-5965569640055032%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jdn255ya7e6g9zra2ej99bw1qey2vfb374q7j6n37w5mmmbs9jxejzdeg0whnnpfqg2we64j7k4np4tcwj97n0c40zxrzc1rphcnjk2njsfnsvjfgxzc26ab4g78xrermzgx6a4j55pbwvygbb4srwcte8b54fmwvhf1a1w7a4xb1wrwtjqnsmyz7r39pzqcv56zwqsxpw4sqca7z1c20cgnq3sgv6dbpb84aaja7agkxw8yb0v1bmshfd74jwae2a0n771qxhrt0f6jgcdt18fsa331a4w3j7ctyswac77tkamkpp59sz39x1pgc6rqfzvtcrx90ackbxaavpskbj7awa0w9tzggjqqqxpdta9xs7fbza1m12ntangmtb8s3kvtg3q09em52yx15m8a6zb28dpqr89avhwwvxv8sc7ga4jm3qhg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%26client%3Dca-pub-5965569640055032%26adurl%3D

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2f9de99a1b5440-LHR
content-encoding: br

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2B84 51 KB
51 KB 7ms
7ms Script
application/javascript 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 74004
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 23 Oct 2021 05:27:59 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: GV3ucr6qzzb6DNA4b5dzvn1-8z4VD_VfsnuIA2SQStONQY7laUTPbg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 2B84 25 KB
26 KB 86ms
31ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid489hEf5fmdXfGH9HdtAtDXrTZTZtr3gFKoneid&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=b4899250d1be66f7bc1fcde0535737ba%2F3115534880494058506&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881743&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gav1zprd4fawcamgk05k703f9vv8eenz1ns1fh2bpjay5nt09nkzh750ybsnnwv3t2s31xp40pcy9pkfh68j30ye05f76a57c41aykt6mpn4c1e5fyrn5va0fa3qt3bd6f43m94967mdmfngsqq7yw464ejrs9ar4fzh7wt735gb29v2h57y98z0cekbjnccyd15vp6msbfxnmhz6tpykkf5pjwxw5zkp4max9byxqm804jp73wcxkt8j2p38mk6qhhg4y2m6azhyv9b4j0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCBuMOcb50YeOgBMa_gQeGpaO4DJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0MHI4JhAw8seC-sZHlNbYn1h3ia0a0N7ikLli64TrQNBWBxUDESYZwyKOut66OYgz0BQ8AzP-h2vKf4BUbArYpx-SV2sYeg8iL8r3ViErxfjl_48lv0rnnfsxH031AH7OMv6nPveBfWo3sBL2O17bytKb8Re8GnhG0b3pkWD9Mr68pq4kbJbtgAOcc5BJ7gKJETgmQ0xxRiJBlGnPUKWT4jPXdINEuBxIqRx5t84O33O1LP6Ad7eN-mP-y0oaFJh2Hp-bb5C3gHgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1PaEx98LOs6YLxtHnl80jfPemFJw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 6AD7 51 KB
51 KB 7ms
7ms Script
application/javascript 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 74004
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 23 Oct 2021 05:27:59 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: 5vLlzLSPW6YnG7bNDfQYjO7X9_6aXSd4eN94JvXwuch3t5sXWQ8MZA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 6AD7 25 KB
26 KB 87ms
32ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid2wXU6fqfYGRuxCWHkt8tAJbHWTgt7JRagoneid__asuidCRoyXYtvdVDo90K1sNOicF1ayj8GWYzOasuid&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=353d6f65d474ac947a0f376b68417483%2F12665713687923739464&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040881744&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jt21myncp8bfa2gpp787x4ynxpr3daccrhbkasg9kpnbgcvpnax2vngnbcwzhz6etdfr6rx3znb75wx4phwmpdneq2j8fbtjpzryk5vyr5x0s5exzzrz3v7xy7xvxv1td3tgb4rc5aa2ktdc4907smq2jxtegmc97zek59vhcqpzkydzd7n5fbw7s67ayb93hnba83s61144zd2yt064167ykeps395r4cc2yv3ggtt2sbc02yc18w4vkh0k7xpdq3svnx8fg3251khdvp0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC87KpcL50YcbsLOeyx_AP9eCXgAyQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01OTY1NTY5NjQwMDU1MDMyoAHCrujdA8gBCakC3NgOcLWJsz7gAgCoAwGqBMkBT9BEX04vg_eNUjH_mtgnDy5mDzGWe9mHalHIy7WU2JQz5d_l__m2Pl1Yv1Y-IvPdzyFrgHsL1Iybgq-Ytrfz9UXLDhx-vRfbLpv3iBp9Xcg1RSMRCJAhoXIpmN8fkUHaBYcpiIjsBbKbmdaH7XHXClZgLEwsO1JryzvMiXM5tk0cZYSnby2MU6di8ThT7CSxrS9vGR6zP00qWPma7i03pkrYhLfuAplhq4cLMq_WALZxiwa-iN0piIkCpzEJKUokdck_42jZUiCq4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2R8KXefSGGx35_Em63SO_KzOADjQ%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 1E8F 64 KB
8 KB 33ms
32ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 221147
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 21 Oct 2021 12:35:35 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6a2f9deb4b1d5440-LHR
cf-bgj: minify

GET
H3 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 1E8F 38 KB
39 KB 28ms
28ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020553
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdunuzYiqCOTN7D38ID9VU5HnhWAEcOI2CN5w6TgSO3n6Ke1a_HyMgUHK8uJPF9YYjQof8tjf2rMhd9JZydCvU8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTh9IGT3yrCdczZLbuZwr5ryolJYLsOTGb768Mt6uf6V9a9lxsOOTAmr90ZiUO3w2bXOr1O9%2B8j6oYSJG3iCskYYJlRIrphHGOdc0smDnGjXqz6gFmI5xX2ATyU7JbEq"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6a2f9deb4b1e5440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 1E8F 113 KB
114 KB 29ms
27ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 274473
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtNyCvPSb0A9jEM_MSWcctkL_vcl0ETpzeR0WLXBlZg0djNS8o8NmBQPcaxeXCL74nkv2TpDnBKKowraohkTxU0jM5V0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kS%2BRIDMs68oubogbsZMxVe%2BdzWHkoL0FEAinlgqylkDozhD7u3IQui7VMyCCIXNKUy1WGXCdZO9Yv2NJE6JkmsVkk01EGCexMQlPBoB6kkYLETO4LmQI5YQn7SLPQoe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6a2f9deb4b255440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1E8F 43 B
703 B 39ms
37ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidrJmHQfD9cbACAH7HjtqtW4bt5T8T36sdoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 1E8F 38 KB
39 KB 35ms
33ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279780
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycduTADbe4QTWpksLMkOeUhXyLX1DlpTK_kgnQFH2U23-o3-C58FP6P6mrvC9eP7H1hgi_Hwm2-lZu_PBShMSBV8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5uF6jf6w9XoF5R5tf06yRBajgNqXvp0x1asFEJRukG7GaaqQCjafml0lLJEuVO8Bl8hwUhVSssl0WIYFnKCWVzc5vJm%2FVQ5Wy2vCGYlOMYwvHXw4LqOSFpZe5FoGNNd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6a2f9deb4b275440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 1E8F 84 KB
85 KB 36ms
34ms Image
image/jpeg 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1687994
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdtb35ogKLAp-WRUwkDvfLFmpZgpoSjSXjdkQChuI80UktbEaVSd2EWPTT8xw6NKhvySWAmNJ46zGz4HjOzmlzoI4V4TiA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85737
expires: Mon, 25 Oct 2021 02:01:22 GMT
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mX9PfRPUW1rOfDNDop5AvGU0VgG2YAFeq78iANAedqsdvwdEe8MHUnFfmOqYELNCvn4DB5dY%2FKomk%2BOdXY657sg5UfkenIJsa0tHpfx3HvEelUAlGsI6S1N22qirWmTV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
access-control-allow-origin: *
content-type: image/jpeg
access-control-expose-headers: Content-Type, Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6a2f9deb4b285440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1E8F 53 KB
54 KB 57ms
55ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294932
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdu_GStnm-ROF7y_ddm4bfag33QZNfx7I5Z-KqQS_lJE4gYjoFt54cGzAq_V6isQmwvmL7xG33D96vr7nLApDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tivxeeYq0qNYfLQuhl2PFb8Krnw3vi68hwp1tlyfNDcT2fzx8Yn0uWLc%2BXcSNyXlGGzzjahs4x1vndrWGwmozqpb%2BsNGUSPJgzKAH1%2F6WmedvZ0pF%2B0DdQjsrux8Gps"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6a2f9deb4b295440-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 4F4C9A2D7395F4A22A69E4FF899DD987C3D93173B4A1A10C53248E23143B0CF6BAA70B9C16381AC5F917AB284304F801A1D532F2E3F04B5E86B818EDEC445252
assets.ad4m.at/product_image/ Frame 1E8F 108 KB
108 KB 37ms
35ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/4F4C9A2D7395F4A22A69E4FF899DD987C3D93173B4A1A10C53248E23143B0CF6BAA70B9C16381AC5F917AB284304F801A1D532F2E3F04B5E86B818EDEC445252
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d59fb9c729f04cd84799db8137a07593d1658c3a2827018284f74d705ccc629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=0sGzgQ==, md5=E9fn9wEA2esguxJas7WBIQ==
date: Sun, 24 Oct 2021 02:01:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1004843
cf-polished: origFmt=png, origSize=247870
x-guploader-uploadid: ADPycdvdkiH6_z-c3Nchq1UlYzxL4a981OWNUZ7iTAGYTEj2IgNYowWmUl7WUUi3hNV7WYxUD7hWhHqvK1Tyljiv-yOuO9VPAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110084
last-modified: Thu, 15 Jul 2021 15:02:56 GMT
server: cloudflare
etag: "13d7e7f70100d9eb20bb125ab3b58121"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbuh2AOYQL8%2F4K55T%2F27Hz%2BrzuhcxaLMoOk3GSVJPIesenThM5gO%2FLbiIv9BNG3j%2FnTP3YQOlPF9%2FLg8IOuNVn38F2KXAXYb2v0xqI%2FsRMJI2Vro0ktQuGIonzhMVcod"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1626361376778545
content-type: image/webp
expires: Mon, 25 Oct 2021 02:01:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 247870
accept-ranges: bytes
cf-ray: 6a2f9deb4b2a5440-LHR
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame 1E8F
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=oneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=oneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2021102404012257588070275X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYA...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202110240401225758807...

43 B
771 B

23ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021102404012257588070275X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:01:22 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sun, 24 Oct 2021 02:01:22 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021102404012257588070275X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3BEB 16 B
232 B 84ms
84ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:22 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 1E8F 1 KB
2 KB 163ms
107ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 9ea36272d2e658077a02b92aa8882cb6fbce32c7a538eb5da15ca2503c9379e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:22 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1303
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1E8F 51 KB
51 KB 7ms
7ms Script
application/javascript 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 74004
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 23 Oct 2021 05:27:59 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: -oiVXJIPJPCsxXvI3zx4wrjvzCObq2VcTzyaRKYvpMFxJXBHe62UMQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 1E8F 85 KB
85 KB 87ms
31ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidpA9u1fgfj9WfkH4HmtztQ7YhgT7tERYUEoneid&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C24673%2C157265&b=rJmHQfD9cbACAH7HjtqtW4bt5T8T36sd%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR%2CGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUE&f=PJ4HBfEbaVkc9HjHbtgCVm1FZT9TkGCp%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW%2CVPrSwf6mFr5k6TVHbHAtXCEEmckTzTKGTQ&c=300&d=250&e=gVEQYAE11o9wPlFZFS9C81zM9jaO91as&g=20ff1bd9253fe912681a1fdb3996b4c8%2F10958821371555818122&i=9719%2C20430%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635040882145&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g0hqnnzdvvvvw1xac6z51a9saepjkscjwcfs3emnza7y9abz37dfjkm217m9ng768gza5ea5fqsvdbatzvn1zg7txvg1cbvc94fy23wpf4zfz1tcgbkhgw2qva3rfqf751bsf3jjpn9ae70s68v77jps5152c1046mk08hmqbd480hvkpvxfrzfq98gby4xt3h69yjc0y4yb3e9tc18gyddpxfdhcb8knnp9vkq0svxb6f8tsc0ypjpj06nq7bydrz7d452et6vrcsamyv0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCUGvzcb50YYylFtXu7gPwuoPYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NjU1Njk2NDAwNTUwMzKgAcKu6N0DyAEJqQLc2A5wtYmzPuACAKgDAaoEyQFP0NAYocvJOSZiqTWRup3oYwDIWHfWyrSthwEgopwrn1sXsTbTCj4UkWvJefVw6pS7MYirn_E2zp4DKMPXjhFRHnPnem3gi588sWHwDXnQzODkjoULWs7IbIASsTtD1WkJP7nt2Y5stjUjIMSVTnOy4MOextnML4BE-vaXOA-gFaqcogcoFaI7IYuqQh9BuW3vPHbo-ssep-SkQl84TRb4RgUtAwEoKi9keWyLFCC2qM2oNUC6rc8cV1OFM8lMd5I0GjEFYH8AYETgBAGABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_37WRtmklVWvkKCjoi4LPhLXzLMbw%252526client%25253Dca-pub-5965569640055032%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Oct 2021 02:01:22 GMT
Last-Modified: Sun, 24 Oct 2021 02:01:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 27E9 42 B
64 B 50ms
49ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnZ17F-xR2_ayCTeo9Pu2AxUOP56CHGoYrVQyqDRQIbj-12vaGL9a28RUCuiVzbi__pN0wuSHVvgUHYQrJ0gdLm7vz_xRBMtqI1YFbOAJDqP8Wg2Kg&sig=Cg0ArKJSzD9VZEiK-pmzEAE&id=lidar2&mcvt=1259&p=302,1236,552,1536&mtos=1259,1259,1259,1259,1259&tos=1259,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=2863397737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635040881094&rpt=740&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2B84 16 B
232 B 87ms
87ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Oct 2021 02:01:23 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:23 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 6AD7 16 B
232 B 82ms
82ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Oct 2021 02:01:23 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:23 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 1E8F 16 B
232 B 99ms
99ms Fetch
application/json 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-239-54.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Oct 2021 02:01:23 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 29ms
29ms Preflight 54.75.239.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 02:01:23 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: urls.api.twitter.com
URL: https://urls.api.twitter.com/1/urls/count.json?url=https://ktar.com/&callback=jQuery36008879527865574695_1635040878456&_=1635040878457

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879282&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3386913553&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879291&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=3303090133&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x433&msz=0x0&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ktar.com/	1970-01-20 00:20:16	Name: _gcl_au Value: 1.1.1889839354.1635040879
.ktar.com/	1970-01-20 15:41:52	Name: _ga_7J7KCG2FVK Value: GS1.1.1635040878.1.0.1635040878.0
.ktar.com/	1970-01-20 15:41:52	Name: _ga Value: GA1.1.1848816137.1635040879
.ktar.com/	1970-01-20 00:20:16	Name: _fbp Value: fb.1.1635040878976.1808197000
.facebook.com/	1970-01-20 00:20:16	Name: fr Value: 0fLJBKmCDGrSi2c0n..BhdL5u...1.0.BhdL5u.
.postrelease.com/	1970-01-20 06:56:16	Name: opt_out Value: 1
.doubleclick.net/	1970-01-20 07:32:16	Name: IDE Value: AHWqTUl8tvlECDWgyzCbEbKZiqssJUNEm09gTHPTV2jSEcGqZyBUXoAw9vECDXA8Q2s
.ktar.com/	1970-01-20 06:56:16	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sun+Oct+24+2021+02%3A01%3A19+GMT%2B0000+(GMT)&version=6.2.0&consentId=ad9c919c-e256-4e1b-a4cc-9451a45a4730&interactionCount=0&landingPath=https%3A%2F%2Fktar.com%2F&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A0%2CC0004%3A0%2CBG15%3A0&hosts=&legInt=
ktar.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":8479325,"placementID":1119446,"lastInteraction":1635040879083,"sessionStart":1635040879083,"sessionEndDate":1635120000000,"experiment":""}
.ktar.com/	1970-01-20 15:41:52	Name: __utma Value: 248041309.1848816137.1635040879.1635040879.1635040879.1
.ktar.com/	1969-12-31 23:59:59	Name: __utmc Value: 248041309
.ktar.com/	1970-01-20 02:33:28	Name: __utmz Value: 248041309.1635040879.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ktar.com/	1970-01-19 22:10:41	Name: __utmt Value: 1
.ktar.com/	1970-01-19 22:10:42	Name: __utmb Value: 248041309.1.10.1635040879
.ktar.com/	1970-01-20 15:41:52	Name: _ga_5BSVRFW0T9 Value: GS1.1.1635040879.1.0.1635040879.0
.quantserve.com/	1970-01-20 00:20:16	Name: d Value: EHsBCQHHJIEA
.quantserve.com/	1970-01-20 07:40:55	Name: mc Value: 6174be6f-e4cbb-92a78-b2a9f
.casalemedia.com/	1970-01-20 06:56:16	Name: CMID Value: YXS.b.LTI6uaCjHCdR57UwAA
.casalemedia.com/	1970-01-20 00:20:16	Name: CMPS Value: 3236
.pubmatic.com/	1970-01-19 22:12:07	Name: KTPCACOOKIE Value: YES
.innovid.com/	1970-01-20 00:20:16	Name: uuid Value: 5563b535-5a1d-40a5-96c2-57ffe85a76e8-20211023 22:01:19
.casalemedia.com/	1970-01-20 00:20:16	Name: CMPRO Value: 1196
.casalemedia.com/	1970-01-19 22:12:07	Name: CMST Value: YXS+b2F0vm8A
.pubmatic.com/	1970-01-20 00:20:16	Name: KADUSERCOOKIE Value: 6B705550-0497-4498-989B-FCA386659034
.rlcdn.com/	1970-01-19 23:37:04	Name: pxrc Value: CPD80osGEgUI6AcQABIGCOndKhAA
.awin1.com/	1970-01-19 22:20:45	Name: awpv14098 Value: 412871\|1635040880\|48282480-346e-11ec-bb42-2234d33d3970
www.lead-alliance.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: u971m73vb8rqrhrq36mdeedr3a
.lead-alliance.net/	1970-01-19 22:20:45	Name: ppv1225 Value: 2021102404012057588070149X113752V1225131106MSoneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid
.o2online.de/	1970-01-19 22:20:45	Name: nscQ485 Value: V
.blau.de/	1970-01-19 22:20:45	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTYzNTA0MDg4MHZsZWExZGUyMDIxMTAyNDA0MDEyMDU3NTg4MDcwMTQ5WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZERqZVQzZndmR0s4NGMzSG1IOXQxdFpaOVRXVG1UazhyRlZvbmVpZF9fYXN1aWRnVkVRWUFFMTFvOXdQbEZaRlM5Qzgxek05amFPOTFhc2FzdWlkMTEzNzUy
.blau.de/	1970-01-19 22:20:45	Name: nscQ486 Value: V
.blau.de/	1970-01-19 22:20:45	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021102404012057588070149X113752V1225131106MSoneidDjeT3fwfGK84c3HmH9t1tZZ9TWTmTk8rFVoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=113752
.awin1.com/	1970-01-19 22:13:33	Name: awpv19228 Value: 412871\|1635040880\|4877a410-346e-11ec-bab3-2265a16f2a26
.mobility-ads.de/	1970-01-19 22:53:52	Name: coyoteTrackingCookie_1 Value: 382201418
.mobility-ads.de/	1970-01-19 22:53:52	Name: coyoteSimpleTrackingCookie Value: 382201418
www.autohaus-koenig.de/	1970-01-19 22:53:52	Name: mobilityAds Value: 382201418
.awin1.com/	1970-01-19 22:12:07	Name: awpv14702 Value: 412871\|1635040881\|48d665e0-346e-11ec-bab3-2265a16f2a26
.awin1.com/	1970-01-19 22:13:33	Name: awpv11671 Value: 412871\|1635040881\|48d63ed0-346e-11ec-bb42-2234d33d3970
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: e4d20cd060519aa0
.mookie1.com/	1970-01-20 07:39:28	Name: id Value: 10809835375716039175
.mookie1.com/	1970-01-20 07:39:28	Name: mdata Value: 1\|10809835375716039175\|1635040881619
.mookie1.com/	1970-01-20 07:39:28	Name: ov Value: 2959514dcdd65dbc4d1d5798f227fec8
.openx.net/	1970-01-20 06:56:16	Name: i Value: a1ba69d3-ac17-4879-a310-d5cb7f3e9921\|1635040881
.ktar.com/	1970-01-20 07:32:16	Name: __gads Value: ID=f9b275ec042d6967:T=1635040879:S=ALNI_MbhvyVzmDvMi2pDp0edDEWOPtMn0g
.r.niwepa.com/	1970-01-20 06:56:16	Name: tsv Value: kPw!HUkUSE-bXEA!AQ\|CkIw!A!~JEYV9N7A*4g!DbugA9
.rlcdn.com/	1970-01-20 06:56:16	Name: rlas3 Value: cOqUwh/bWuqUNqLX9zkNtud1rRcO5OjrE/ZpaNsYesU=
.e.dlx.addthis.com/	1970-01-20 07:40:55	Name: na_tc Value: Y
.awin1.com/	1970-01-19 22:20:45	Name: awpv11938 Value: 412871\|1635040882\|494b20b0-346e-11ec-bb42-2234d33d3970
.addthis.com/	1970-01-20 07:40:55	Name: na_id Value: 2021102402012200054082605906
.addthis.com/	1970-01-20 07:40:55	Name: na_tc Value: Y
.addthis.com/	1970-01-20 07:40:55	Name: uid Value: 6174be7214aefeb2
.addthis.com/	1970-01-20 07:40:55	Name: ouid Value: 6174be7200010dc0c7569cc20813c3a720d1fbdc94a230c6a373
.dlx.addthis.com/	1970-01-19 22:53:52	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 22:53:52	Name: na_sr Value: 20211024
.dlx.addthis.com/	1970-01-19 22:10:40	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 22:53:52	Name: na_sc_e Value: 0
.congstar.de/	1970-01-19 22:20:52	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1635040882_494b20b0-346e-11ec-bb42-2234d33d3970%22%2C%22sp%22%3A%22awin%22%7D
.awin1.com/	1970-01-19 22:13:33	Name: awpv11830 Value: 412871\|1635040882\|496d0090-346e-11ec-b9be-2230dce87953
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357066:2338586
.lead-alliance.net/	1970-01-19 22:20:45	Name: ppv1226 Value: 2021102404012257588070275X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid
.o2online.de/	1970-01-19 22:20:45	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTYzNTA0MDg4MnZsZWExZGUyMDIxMTAyNDA0MDEyMjU3NTg4MDcwMjc1WDExNzcwM1YxMjI2MTMyNzAyTVNvbmVpZEdLOWhCZllwczZqWkdDS0hlSEd0UHRwcEpIMlRZVEVyVUVvbmVpZF9fYXN1aWRnVkVRWUFFMTFvOXdQbEZaRlM5Qzgxek05amFPOTFhc2FzdWlkMTE3NzAz
.o2online.de/	1970-01-19 22:20:45	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021102404012257588070275X117703V1226132702MSoneidGK9hBfYps6jZGCKHeHGtPtppJH2TYTErUEoneid__asuidgVEQYAE11o9wPlFZFS9C81zM9jaO91asasuid&wfid=117703&ratenzahlung=24

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://urls.api.twitter.com/1/urls/count.json?url=https://ktar.com/&callback=jQuery36008879527865574695_1635040878456&_=1635040878457 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://ktar.com/ Message: Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879282&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3386913553&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1' from origin 'https://ktar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879282&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3386913553&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ktar.com/ Message: Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879291&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=3303090133&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x433&msz=0x0&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1' from origin 'https://ktar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1980554691554510&correlator=2197797785336613&output=ldjh&impl=fif&eid=31063135%2C31063267%2C44748553&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1034751%2Cktar_news_TheHomePage_right_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=0x0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635040879&dt=1635040879291&dlt=1635040878273&idt=543&frm=20&biw=1600&bih=1200&oid=2&adxs=1236&adys=302&adks=3303090133&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fktar.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x433&msz=0x0&ga_vid=1848816137.1635040879&ga_sid=1635040879&ga_hid=939105914&ga_fc=true&fws=640&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS-b-LTI6uaCjHCdR57UwAABKwAAAIB&google_push=AYg5qPJGfxJaIEb4G3rCp1x5XBu5FFcHZ8mz1x4b0hJperIJa5wvPkia1O4ldm5wZTK7eKmUSh-e4WlS51HT7GKpe-jCxshJnJ5f3Q&google_gid=CAESEJtYLabGOiE0PuA6tdtOEXA&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10288467.fls.doubleclick.net
10620649.fls.doubleclick.net
10625865.fls.doubleclick.net
9445712.fls.doubleclick.net
9919737.fls.doubleclick.net
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
analytics.webgains.io
api.secondstreetapp.com
api.webgains.io
arizonasports.com
arizonasports.disqus.com
as.ad4m.at
assets.ad4m.at
bam-cell.nr-data.net
banner.congstar.de
c.amazon-adsystem.com
campaign.mobility-ads.de
cdnjs.cloudflare.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cookie-cdn.cookiepro.com
cse.google.com
dc4f273808bca37c6f35e3bea76a1491.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
embed.secondstreetapp.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
jadserve.postrelease.com
js-agent.newrelic.com
ktar.com
media.secondstreetapp.com
neso.r.niwepa.com
netdna.bootstrapcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel.everesttech.net
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
prod-rtb.ad4mat.net
rtb.openx.net
s.ntv.io
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
urls.api.twitter.com
www.autohaus-koenig.de
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
cm.g.doubleclick.net
securepubads.g.doubleclick.net
urls.api.twitter.com
104.111.215.191
104.111.239.217
104.16.18.94
104.18.11.207
104.18.6.120
104.198.205.129
104.26.10.209
104.26.11.209
104.26.7.27
142.250.181.225
142.250.184.195
142.250.185.234
142.250.185.72
142.250.185.74
142.250.185.98
142.250.185.99
142.250.186.100
142.250.186.110
142.250.186.131
142.250.186.134
142.250.186.138
142.250.186.162
142.250.186.34
142.250.186.66
142.250.186.78
142.250.186.97
143.204.95.188
143.204.98.117
148.251.139.77
151.101.130.137
157.240.20.19
157.240.20.35
162.247.243.146
172.217.16.130
172.217.18.98
172.217.23.106
172.217.23.98
185.33.221.11
185.64.190.78
195.201.218.101
199.232.192.134
2.18.234.163
2.18.234.21
213.133.107.215
216.58.212.162
216.58.212.166
217.182.200.20
3.8.79.110
34.243.196.142
34.95.89.54
34.98.67.61
35.187.117.15
35.227.252.103
35.244.174.68
46.236.13.147
54.146.124.230
54.197.229.45
54.75.239.54
69.173.144.139
74.125.140.157
78.46.85.162
82.113.101.132
82.113.101.236
84.200.5.215
91.228.74.133
00e25761d17a65efd80897d1e80a746d3fd398855ecdb81409a3740c150b3b32
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013
0318a1b7571f5c2204b1b33b99598e91d987e8aa730f94395693a23689836683
03b4a055b08c7377eeeed48cf478f9bcfc3bb985b05c0bafdec1677583770455
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
0492e8a1fdb06a29413e023320fe9605f6290548450d89ee99304a8b89de65d4
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0614b9e015b9a646c5bb4099edb68390666b12c572a6b4712681be7d4bb9bfe4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c7c5a9756f9d9d07f155c9c3fd3b3445552114d1499377f77bc95eb9f94d24c
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0d17aba265080b084110ec4921e033211710c1fb3c8d1e85322484acc8ca05b7
0d9048d0773313ba7746bcbed29ca2d18c339f7f0a3627e359de8f7146bf09c1
0e1dd9bee18c1d77e1e912fdfd7127875ee68971cbee514ed7f64c297c39d179
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
1323f55009c0f0d44210cce3b96990b5d56ded661defc48a114d3ad8abd83c01
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc
15f6865841563f9690aa73d93d6af4f80c0544d09b1c9f1479c44edd1bec5f6e
17c6a29db22e9ccb77b4544b5b0d6232498804b5eb1340a82f2c429aa135cda2
209a1b9baba60745de39212ffa8ca6ee39b76644869e49c7778bef5d25cf764a
211e3445647a533acb0db94589c6256e4af76cae138b67c17bf45c5fa30763e7
2543b798df6a799c869fe2576ddc5f4a8cc538d34f5ff6f800c0ccdfe4dd4803
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28a110a1ff4c1d6a68d7a4e60ed003cf3a5ac032cbf5094c42e330f777c6723f
28be698d1386d65a5ea173fdd602b083b521cbe29c7aef8f125e755be17f1f8e
296ae93876190743dfc62a3d38545b360344a8597a10e7e08818cef8316cfb90
2cce0a1559780dc5bd1c41ebe7e7d7bb8243f1a9dc53a63210c7c09e5b9510ae
2d59fb9c729f04cd84799db8137a07593d1658c3a2827018284f74d705ccc629
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
32dc500769c806ee1129ab4df83c16c8a18cece12f839af54c0ecaee2e640db5
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3343a45721d0de4e5337d0477f1f7e4e6b9236ff9eb2d9427283d0264df50d1d
342e46097f9a7dbc263a1e6706d84da6e655a97e4779f82f2f19b203fd479681
34660fe46d78c890b82dd7e19886dca4ce2c46d31b1b308ba9b81e53a9f1669e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370
372fb46b58a4e5c66e645721fc9e771390fc9c16d849bc8dbd6c18749588694c
396966db542c4bd587ec99dfa750a98b99d89a80e1a30a423e26e0687892ce1f
3ec516cb4a989b1bf86dd436ca855f4dd8b612737ce45e467f388d9dd3e66ef7
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
41c99a3fe7353454939f9640d6f9cd8128e79b35511513f6d02175315c3eb8d3
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
488be359211b65114dc11de3c2f567da5d39304d7a5b39c0787d01a6c7539f37
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
48e802eb7acaa1931e633a90d6648935313fab5d96cb20f539a6cc81ebb44f98
492c9ed7b6f4e4c5b4e2ef2872c01eeb05bc957f22daa5c87e48fac09c187252
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4b7d855be20cefec1f33e2b02cd6317ba601b60f237666b73888460d38641e5d
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4d81cd951bc1cc8095a0b6385baa47b9c5fb6fe1440661563a09dbd2f7e243db
4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
4e731469b10709f2b3ce4441b36166dd5f47be2c03a53e99b5d35f769a1a255b
4f6ab26f29e6709a33a270b456a4ab9b06e66d3b31bc4aa9c328a32226e64a9d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53324e94c9ac0952ab3d3513dceab8eda460b6fc98e32bf17064e51dabeac979
540b5be2b05010cda2423355e9068d0114d2fb7cca71fdf18e15f3c92c07db16
54c8961996a386de0648a25e6ad3e22b8b9c710c92ccec188dbe7b90f3d28f66
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
59529a4d1e6fbcee24a57e2b815f975a3cd61e3823b51ae99eaedf85e9cd52eb
5a32d32e2e5fb637fd1b35e24625f93819347f5b117c3f37406176456e692a4b
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
6006bb78bc78e8f2f2636dfb8a6a95a85b4ff1f6368d2ff9dbe10123af6dd64a
60e04dcb9483e44801771aab65df07bfa3fabbaf9a4386fd05f568d0e4d8710d
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
614305ee414f9b73b89b32101c278293814beb310525293d2c24f35c1cd9de0a
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62379d9a57aefb1817995957935caa68902b457ad240d9aab95fc787c6dea932
62777e4974a37d52417b06f8b5509cddd365847b01459fe0172b7ed81c65b7dc
629d9424a4d1799da46c32d64e752daa3cdda36d6f9fcd70755c869060983c38
63028089b6bc0baf9bacaf507f21f56f6c70855960f4a31c51a83ff3dc2647cf
63a50f5d0eea3ea0a236a57783c071bd814f0089e2708b0d01a1187703f4c856
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
643c563abab207c9806aeeeff9c308c7175d62f5e9c570caf6de2c5b7afc06bb
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
6772484872fc6dd37ba343bbeeea75b742e14e4d711664d24dce347cdadcd263
68907ee01093b2068a305daeded339b68cc0990b41eadb457bbe0e1e5d50eb83
68c757e1b762b2b899b01eb70f7705ba33928cb1978939665bfb8c18bd6db53f
6a1f39a2aae608c161763c315a374957f02523efafb86f11903fbe03ace1a242
6aa45a2e667b45c5e2d110b6d2679a98d57d817bcf79bdb050de0bdd4bdab256
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
71173eb1cc84ee88adebf5552afaf335a6d6b2759d37b722b56f7d05c9abc1b4
72c2f52f592e1995ff42f5419080fdba038ff4823937bd3019d94cc64f0300d8
73431242d393f2b2932f404e6a00d234b1ca38041af6eb27470761da0d8ed2c1
743118de08e11807033615921ff81dcf28b25e07cd2da846e3a4f26db97323c0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
765622fd139915bae60e6cd2d772d7d9f4d5d72d7b3c6bc77b114f0ab52b1374
766c5335d6bdb934f5286b284ac1b0e3e07650e49212b7bf4a92eea0cd3e62b6
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
76a1297df4a557e5b8d8a5e283c4a25562f1f876523804e94b3748cb9e7b5171
7858259ae04a96e2ae7bb8180068320ed5e775ff9292cfc1fe15c24638e090f9
78bf2d1d89535409498d943275502f3f969aea6d85c3055f3ca4bce68f07a8ab
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7aefeb2b7880e534845a3d8c0c9f190e81a790a7e01ea2d9d0bbf77c323f3de0
7af7bcb99c847a3c73bd70aba0cf0cd7a27e8e21e87cc44f26941da6ac8d836b
7b796c612c8cf199b96a082ff78b85092c42b50b865da9bb026dff05771701d3
7e8350e4a058070a6b17f730e2648fb0296c9959fc2a9099ba90ee97e1b08783
7f1acab7716cffdd27f631b6fb47eaa71fabd5339a6cf701e02f6df04e7705bb
8039a6e5dd2ac0f215d2ddd0201faaea2cfbe542cac0dd2f46bb85fbce56a12a
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
8234c6fd6b3f09b5d78fdda27eb4e7daec0d3d899b86a9b190cea175627a1c89
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6
83245214087cbf2e7a0ed37bfd85986dc991412cc9448ccd88ef8b5887e21fdd
84153107c9783beb9cd872cea87403d57ef93bde35eb9c4e9432dfc9d594b94f
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8646551c797052d42f39eff2790eab3e05e2b982ae3f1cff127c0532fbf61591
888fae75611f1424ab2903529a6c4b5610d3f6be56d27beaea143bdc40b48870
8ac3dd20b181b9c53eaf4d64028f2adf3a64f6a7fdfc1a0a1d0e9b73b9bb7f10
8b6b38175d300ed73096a7c28fd39cba69509a5196bad1be6c1d3edc970414e3
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
8fac43ee42261f7c5661cfcf61b6f14c25cc5739eb683b2795734e95499cbf7f
94df7590b4dad14ca1d32dc0713d4fd8290def36b9019313898bf10546e09f4f
9565e457057d5d5dba01ca8df012d40202673e7a2d91b6505a28467b3a58d560
963ce1b1cb1251b104adcb10a022b7739dfc350cdaefc4726b8cc1dfe49b09ec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8fbf98274be3eb7cfa748c3dabd4d7a7038aef165c97357935dc28972cbb96
9c90decd6b56b50b940452832ba1225835e51c1bffe2e3f709a6f555522ecc06
9d975d91fa2b388acb2915c8312419082bd8ef1f0822811c9d3b46bd5c90e912
9e1782d352b750fc35ebc7e71aec460c0af117d826debcaef83ee6a3a1854e81
9ea36272d2e658077a02b92aa8882cb6fbce32c7a538eb5da15ca2503c9379e6
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23f0373c030d443873edaeae1c91df7e53542e4a066cb25302ad66aee65d819
a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6888a2ad35d9d5dcc3e6a916a8a05d6bd55618b690b2d2e088ccf41a5b90d0d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5ae799522edccff15f49248d591195b68a5a861e43022b82bb2a0836d1fa7
a90f04ff4bb291ae77e2fbf820fb4406eb6cdc55330a9abe48c32b3849bb7819
a9668ea9af9ccd9136f5da46260b11c5a77fe7803dad2339ada7f9c5a26f5adf
aa576095141e634d0ea80baf05f573527ef65175834ec397596318398918e384
aa5d38aafc89340b1c30b8414ce53071ad6302a50d0d82a66c4e6286c589820c
ab3be8650d8b0e39f86ddbbae4eac472a10d0098b1e4221a31d8cc0ea59b9023
abff15e5e299deb81c44592d6aad331d851c246cac9f0c6167f7a1d9a4061ab3
ac0ff298ee8a6cda0fab03b0deae9406e6e81ebb881e30313c3d3ed6497bb4e0
acf6921a36ea4f70d608b49882438f17c4af992e04e8924bc4cf7e2f8b0dae1f
ae03289bb26aefab9857ae4b0097652bc8a17643990dee384031c88775941ee9
ae48df720df9b8676ce3c65cebddc80488451d3dd9431148d588bda62814cd02
af0534dd2688e631a1634efd193a3446461fad5311f13adf20d8b64284bb58a7
af57e21392ab61f764937da2634c062094b82b086a640d7410a16aa375820da2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37841afa1a6c61128647532c2cc98a15dfa55acdbe650bfdfb44bd75faf74c7
b48cae9a9fcc318fb1c638f4097ad3ca6445c236b981998c799efdc662b6653a
b60a72e7c97720bafbdd6af909117cb5768e2444506b8893aab60b86cf54569f
b6c6f540f628a76b52f3fc70b9b62c2419dcf0e2483224911be363ac0974e861
b6e2c8cd23688bf6100d9d06fdcd6f5475e1102c6476afe80854eb2b7ae32b11
b700b2b7cc7fd1a3419f6b8d95692b2f7fd38077bbd3a289f43dd9c5d1a3dea5
b91c48f70bcd1131daa99e3404dd21f66e36dcba2ad7caa6912e0ab75f6f59ae
baac041f9cedcc851bf5855963ac7bd84908ec39613ec95d1217706b75e276b5
bae310bc89196b144d3417815b62134d10250febba08ff49feb89cfddd18c136
bb1b1b1377df2045d524f486b5f3544c065a7214d138a60ef8bc0de6e712da64
bb25e61768a5ba1c613407d3500463b9c740a9e8c1df8ed7a4e7574191c3868c
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd008c28a4a4cd8bb92782aeb00526327200b83f5c52bd10ca3b4a35ce54135f
bd1092bd9d7948bd6dad59e577665ff52e18bbe439af5c3cfb10a4660d8f27b8
c0c3207d5bd04fd85479641ac5b7a63ee3f668692d233e513be2cf4a1c05e96c
c156b1c2bdb16bb667780f4c20e8df154a718774d825a437615f7b547cce8edb
c1a7a915e4fc2cc322d4999c340614da857f4b2b4cb91dd4f727ee58f73eb21c
c216c6c4cd384219a86e806c818d4080221dc16c71c1ccb957c1349740b2ecae
c2751594edaed7b725664e41e4e8d8d46475d95520d2e9b96c73487850f8cc56
c2cae96ca169b631adf6253cd25d9b59f53f4ac3a01a2489a1279c007fcdfd37
c2e7b97014888892d70399baf2f07766517da24e1e7c94df63406e271b8831aa
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c752d8fd9ca0d1501305899db78069fa8d3aece6a134f840b3afc07ed2a7ed04
c785e2f7a197d01f41afd5667f4895dc13a7e6963413f65f99c2083d677ff1a5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c95606e1abcd77e77fd7d4d4cf3b901ae62530822b924e33c8504baba214f43e
cab069df1774bc083376940179a9ea0f2a9efe15da60f8b6445c3af85a007649
cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484
caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7
cb97c08b684a282258c65272edfbfbb33d96ae18ccce3224bb3b57d1cd017627
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce02b3d4700bffa18f3d5599306e343cd3cb6c6bf24547a6116b34b292d62910
d00df460ffc64663c41e6bce8b91d698eac4e1589c0dde647ac1e11fe8258b10
d0b545535c8c37bf9e9c596800eec809e48fb2b1aeba24936d5553d70e496b2a
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d404e01916636d8c76f737079392a2da123cf83c60ad3da1fc6fe44241db4e8b
d5864752c189fafa661db48b584f56af15a86cb34ce47f8915e365e2eb62be1e
d6a8e6fd9b427b6fbea425b0ee3043138a5ddf86b73180e9e17d61008b80d091
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d79607bda93f2f81fdc4ecc4d0a0ec8ed6d3d9a13fbad7095e90dffe1741b203
d8d860892c9a1dd820a710a980227b8403271cdcf0323c9a47d41538ccec80bd
d9756cb4924f103c0b6599af037359ef5545e4e70acb250a2fd7a795920ad519
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da03b252f14ccb757f006891da428808723e460034b7bc09446eb26bd04dd93a
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db008e4be3499f0f4baefb2a3e3ac365a85628b6b903eeb6b121f6892a733354
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dce12daa5be35bb8469cb609cb8a08a8e68c2517b5db07acbb6993184046be60
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae
dee84d8b9ff12655d177a5a253e5dc4187058a9a0ea8e7355838feae515cd529
e07dac40b96f7503f396331e32d231530f8d9bd9aa58cf25e22b17421f6d4b14
e090e54bf5dcac92b59c233a85bbd497e38f6b8527947bef154a121d24ccccd2
e13a7f8506c7cc36afe366e3ac76701428d4bbc9f4eb5577abd141e7955b6f0d
e3539d3eee69eebe924850b7e253e0d255b519d795d58cbdc2409faed2a59112
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ebf24080cc275661e2e3d40206aa070e7cfea03e9e78c89bc281d9a17de8a3
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e53958190e28b894b4019cc931f9345af5f450363c1ec0824780ed5886be1d25
e631b8c66d6cf1ad8bf6583c2da9131331d81e59ee661b81bc1ef196d1fffc1b
e750b3284638308fa6d086f25513ab840406b9fd96a6eac4159cafa18a4953b5
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
eb6dfc8d785524bfd2b29de27ecda680c59aec9482fcae32fa9e93ee24d7fb81
ed2d72c1bdd8386e80e4b57be5a95c230ca6d46384e8dd2c049299ce73073644
ef1498c18fbdfa4fb8a3184260ed9eaf5cfd862da2801150be96810ba9d4e5ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b3853b7e792cec8a88f9da8a31d2b29ee09d6a77aabc45979c9ab2937f0962
f7544e1dbf7873dca1fc645ecb23f25e5653fbc9e634944cc3e89b5e74b439ec
f7ab8e746cba0898c243fb4c5465a76ca601f0697e7f04851b316402261ec08c
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fb15b9dfd29f14b477a21f24ae72a8f2565df775f96843a7fc99fa8a4d50c162
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fe6117141d60d9c06d701717bbb787438cc5d57ce4be1a606ceb1c77511d72ba
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7b448aae0ed1d52e892fb516461921d6066180297ff446bb46c2aa04e95ad2

ktar.com Open in urlscan Pro 104.198.205.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

428 Requests

99 %HTTPS

0 %IPv6

51 Domains

78 Subdomains

56 IPs

7 Countries

8568 kBTransfer

12946 kBSize

62 Cookies

24 Outgoing links

Page URL History

Redirected requests

428 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ktar.com Open in urlscan Pro
104.198.205.129 Public Scan

Screenshot
Live screenshot

Full Image

428
Requests

99 %
HTTPS

0 %
IPv6

51
Domains

78
Subdomains

56
IPs

7
Countries

8568 kB
Transfer

12946 kB
Size

62
Cookies

428 HTTP transactions
8 data transactions