a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com Open in urlscan Pro
2606:4700:3035::ac43:97e0 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config
Submission: On June 15 via manual (June 15th 2023, 1:59:30 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3035::ac43:97e0, located in United States and belongs to CLOUDFLARENET, US. The main domain is a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com. The Cisco Umbrella rank of the primary domain is 168658.

This is the only time a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3035::ac43:97e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:893b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:79be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:62ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8ace	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:806e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	20

6 2606:4700:3035::ac43:97e0 (United States)

ASN13335 (CLOUDFLARENET, US)

a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:893b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:79be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:62ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ace (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:806e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com — Cisco Umbrella Rank: 168658	4 KB
5	google.de www.google.de — Cisco Umbrella Rank: 4835	890 B
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2890	1 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124	4 KB
4	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5008 track.hubspot.com — Cisco Umbrella Rank: 2462 forms.hubspot.com — Cisco Umbrella Rank: 4653	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	281 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	241 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	114 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 ajax.googleapis.com — Cisco Umbrella Rank: 422	35 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3763	1 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4538	88 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2377	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2379	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5195	22 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3542	3 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2641	2 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 172	589 B
43	18

	Domain	Requested by
6	a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com	a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
5	www.google.de	www.googletagmanager.com a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
4	www.google.com	1 redirects a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
4	www.googletagmanager.com	a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com www.googletagmanager.com js.hsadspixel.net
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	www.google-analytics.com	a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com www.google-analytics.com
2	api.hubspot.com	js.usemessages.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.facebook.com	a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
2	connect.facebook.net	a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com connect.facebook.net
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	1 redirects
1	ajax.googleapis.com	a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
1	fonts.googleapis.com	a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
43	23

This site contains links to these domains. Also see Links.

Domain
wiki.appodeal.com
www.appodeal.com
blog.appodeal.com
a.appbaqend.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com GTS CA 1P5	`2023-06-06` - `2023-09-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config
Frame ID: AB5DBEB09312E959FA07DCFAD32BBE1F
Requests: 40 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-T44CZWC
Frame ID: B17AB1B7B007DB5ABC6544FC6518E4CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The page you were looking for doesn't exist (404) | Appodeal Intelligent Ad Mediation

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

91 %
HTTPS

95 %
IPv6

18
Domains

23
Subdomains

20
IPs

3
Countries

616 kB
Transfer

2194 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://wiki.appodeal.com/en?__hstc=145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1&__hssc=145906155.1.1686837565678&__hsfp=3485376358
Title: Docs

Search URL Search Domain Scan URL

URL: https://www.appodeal.com/home/about/?__hstc=145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1&__hssc=145906155.1.1686837565678&__hsfp=3485376358#contacts
Title: Contact

Search URL Search Domain Scan URL

URL: https://blog.appodeal.com/?__hstc=145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1&__hssc=145906155.1.1686837565678&__hsfp=3485376358
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.appodeal.com/home/terms-of-service/?__hstc=145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1&__hssc=145906155.1.1686837565678&__hsfp=3485376358
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.appodeal.com/home/privacy-policy/?__hstc=145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1&__hssc=145906155.1.1686837565678&__hsfp=3485376358
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.appodeal.com/home/sdk-license-agreement/?__hstc=145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1&__hssc=145906155.1.1686837565678&__hsfp=3485376358
Title: SDK License Agreement

Search URL Search Domain Scan URL

URL: http://a.appbaqend.com/
Title: English

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://connect.facebook.net/en_US/fbevents.js HTTP 307
https://connect.facebook.net/en_US/fbevents.js

Request Chain 13

https://www.googleadservices.com/pagead/conversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PRmLZNTDC7zJ7_UP99-H6Ag&random=187741735&sscte=1&crd=&pscrd=IhMIlNb3zrfF_wIVvOS7CB337wGN HTTP 302
https://www.google.com/pagead/1p-conversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=187741735&sscte=1&crd=&pscrd=IhMIlNb3zrfF_wIVvOS7CB337wGN&is_vtc=1&ocp_id=PRmLZNTDC7zJ7_UP99-H6Ag&random=2679676410 HTTP 302
https://www.google.de/pagead/1p-conversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=187741735&sscte=1&crd=&pscrd=IhMIlNb3zrfF_wIVvOS7CB337wGN&is_vtc=1&ocp_id=PRmLZNTDC7zJ7_UP99-H6Ag&random=2679676410&ipr=y

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request config Show response
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/ 9 KB
4 KB 101ms
70ms Document
text/html 2606:4700:3035::ac43:97e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

HTTP/1.1

Server

2606:4700:3035::ac43:97e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3966a9ad92201c08d30996171814003925d6da52eb7a62bc8e189c2ae0ebab83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7d7b555ad94918bf-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Jun 2023 13:59:24 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEBe2LZU8eP9WwUaOUxp1Vs4ZPdf1Xq6QuApO2uBlWNDM7XeCs0tDVqlt5PSM6weYreG2wehTTV8qjNm7dS%2FtRDTRCZZ1xgyniuq1DZfmBE48u%2FwsYDnBAyK6NLpYgBdiLpJL9%2FVXObrt8Y73MK1evuE7aUwFa77Qd7HYpL0gJ5AqftFfVldvItuW54SPdoCXucMFMpjS3mNZtfO3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Backend-Server: 10.64.128.252:5001
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 395a370e-6f68-46f5-917e-45992734e0a6
X-Runtime: 0.029675
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 133ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap&subset=cyrillic

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

415a26b3209f695074cdcd0e41f75c02cafeead0de1c221522cf0f10c06b8139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Jun 2023 13:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 13:59:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jun 2023 13:59:24 GMT

GET
H2 500 appodeal.css
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/stylesheets/ 0
0 65ms
38ms Stylesheet
text/plain 2606:4700:3035::ac43:97e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/stylesheets/appodeal.css
Requested by: Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:97e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-runtime: 0.003370
date: Thu, 15 Jun 2023 13:59:24 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8%2FpKq0O0%2Bj%2Fc0kVeQcGtSx%2FVhmLvI%2F5UOXMb5zwL%2B8%2BWJeosqew%2BOUCtNHmifvZKeFFwHwgFuFJnovNmhiJMUPkifmDmQcxdbAINTMQUDWDX1%2B7yMHWc%2BKrAiF4SyoQaaGr8eAt5YE41DEtTo5oHexlULkHxa%2BcjCXIodyrNfHWhMgLiyUTlNeYl%2Bs3ewx%2BK%2BZwEGtysxVApfMFBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cf-ray: 7d7b555b8cd491d8-FRA
x-backend-server: 10.64.128.196:5001
alt-svc: h3=":443"; ma=86400
x-request-id: f448c3f6-7792-4979-b9f5-09a281891185

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 129ms
38ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 09:05:56 GMT

GET
H3 500 logo-white.svg
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/assets/images/ 182 B
182 B 34ms
34ms Image
text/plain 2606:4700:3035::ac43:97e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/assets/images/logo-white.svg
Requested by: Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:97e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0321d3386a5423a5dc2e1c1015f3e7a508e0f9bbbfde938fcf6cccf473ce24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-runtime: 0.003660
date: Thu, 15 Jun 2023 13:59:24 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceUnMl60CiAsKAWqNB6zMu6RDl8xQLMBGOi%2FYCM1cLGKrn1HPFfyqsKGCSpW9BBMHBY%2F6lWc2uioeiRHN7LZnlZ9JNNZMKKQa6NjkpVFRrDBeE4GczGkSiagB76YnEzTwha8TIZL7SioGoX5FYvqj8pulKtvg3sYCMP6CTUQwvMD4zOTTehsk9X4H6xoRBp%2BXwqWVN90IWhfjVVfjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cf-ray: 7d7b555cb80a1c0b-FRA
x-backend-server: 10.64.131.236:5001
alt-svc: h3=":443"; ma=86400
x-request-id: c07ce79c-c730-4610-bea5-5904ffe00b8d

GET
H3 500 error-404.png
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/images/appodeal/assets/images/pages/apps/ 182 B
182 B 41ms
40ms Image
text/plain 2606:4700:3035::ac43:97e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/images/appodeal/assets/images/pages/apps/error-404.png
Requested by: Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:97e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0321d3386a5423a5dc2e1c1015f3e7a508e0f9bbbfde938fcf6cccf473ce24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-runtime: 0.003511
date: Thu, 15 Jun 2023 13:59:24 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJ%2FnNB%2FvHsxllxtff64EkT2LyanOkQDiiJ4fxWn457hphqaSvpk6ugOknc4Li95e4RSoNuzdfKpCkakNsLezvYZFc3h4c0Ses0q3BdvL4u6OG6SDKT2mFilwACfTXOWlVryusC12lhl4k2YseH0B%2FopvB1o57tagc3Qx6sisEfDEwQAgVF6MWMy2Qz0VsWbnNeC8EZKT%2BnYbSjwudQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cf-ray: 7d7b555ce8421c0b-FRA
x-backend-server: 10.64.129.148:5001
alt-svc: h3=":443"; ma=86400
x-request-id: 25aebcc2-bd0e-46b9-8cc9-8a804815f67d

GET
H2 500 guest.css
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/stylesheets/appodeal/ 0
0 37ms
35ms Stylesheet
text/plain 2606:4700:3035::ac43:97e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/stylesheets/appodeal/guest.css
Requested by: Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:97e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-runtime: 0.003634
date: Thu, 15 Jun 2023 13:59:24 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0A%2B3TTH0swkAZA9IqDRM%2BQp78TdCQATjN0kdk45Rd%2F0SkrQOi6YAiez7XMso%2FnGptjoUjBdV60nb4WMcc7rlslZAnC6%2B3%2FwOQei0OzCzwnAiWHRHLvblX%2BIBdfcZMvnOEtlDAYn%2F4hRUyH6LzuG7nk85fVaJL4fs7jzsaaqHv6CKY%2FewRUKKmEo5Q2Z%2FYGIVknTP%2B5zAcOCmrdKYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cf-ray: 7d7b555c3db991d8-FRA
x-backend-server: 10.64.134.236:5001
alt-svc: h3=":443"; ma=86400
x-request-id: 8d81d45b-ae13-42be-a549-494be1160f2d

GET
H3 404 appodeal.js
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/javascripts/ 0
0 55ms
54ms Script
text/html 2606:4700:3035::ac43:97e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/javascripts/appodeal.js
Requested by: Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:97e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
77 KB 136ms
55ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7b65e3e0aaa4cdd816d19a10a126ee33782e097098199013ede922f05676865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78389
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 13:59:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 121ms
35ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 13:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3277
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 15 Jun 2023 15:04:48 GMT

GET
H2

200

fbevents.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

108 KB
28 KB

25ms
7ms

Script
application/x-javascript

2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Jun 2023 13:59:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-xss-protection: 0
pragma: public
x-fb-debug: T6heGrF0OfwmgCJkTwIcTmcJOp0L9RpDw5gJ2JJsa55vHjNqEEM1nkc01Bq5n3JluBPR0EN4MdtbCLksvtHfpg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame B17A 511 B
562 B 103ms
45ms Document
text/html 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-T44CZWC

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf1265789a042ddf28459bcf1d80adb21ef630549161f73463714b6c6326e90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:59:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 1468129376844388 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1468129376844388?v=2.9.107&r=stable

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

906e96ef5f194edd363e509775c32ce91fef55e91db52b8c0102d7abb4af0aa6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Jun 2023 13:59:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88029
x-xss-protection: 0
pragma: public
x-fb-debug: UTpf+QnaT2cTw7KMOgSqIQk8fL0crc/iagYQgxR8glXJHdUK4yJogd/3wzND4VdiNQhWZr7c/MngdOfUUTPF6Q==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 24ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1468129376844388&ev=PageView&dl=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&rl=&if=false&ts=1686837565054&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.1.1686837565052.531770856&it=1686837565004&coo=false&rqm=GET

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Jun 2023 13:59:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/957603572/ Frame B17A
Redirect Chain

https://www.googleadservices.com/pagead/conversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAA...
https://www.google.com/pagead/1p-conversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_pr...
https://www.google.de/pagead/1p-conversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_pre...

42 B
109 B

52ms
52ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=187741735&sscte=1&crd=&pscrd=IhMIlNb3zrfF_wIVvOS7CB337wGN&is_vtc=1&ocp_id=PRmLZNTDC7zJ7_UP99-H6Ag&random=2679676410&ipr=y

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-T44CZWC

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/957603572/?url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=187741735&sscte=1&crd=&pscrd=IhMIlNb3zrfF_wIVvOS7CB337wGN&is_vtc=1&ocp_id=PRmLZNTDC7zJ7_UP99-H6Ag&random=2679676410&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 js
www.google-analytics.com/gtm/ 0
0 45ms
44ms Script
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/gtm/js?id=GTM-NH46S7J&cid=199591299.1686837565
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
242 B 42ms
42ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1587855226&t=pageview&_s=1&dl=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAAEADQAAAACAAI~&jid=1601777099&gjid=421796402&cid=199591299.1686837565&tid=UA-61673428-1&_gid=1751946197.1686837565&_r=1&_slc=1&z=1123329331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957603572/ 3 KB
2 KB 151ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957603572/?random=1686837565163&cv=11&fst=1686837565163&bg=ffffff&guid=ON&async=1&gtm=45He36c0&u_w=1600&u_h=1200&url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&hn=www.googleadservices.com&frm=0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&auid=1347036926.1686837565&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6e372cb51e737cf6e935b6e2e032bd484d5a5d665fba99a4432459febc9fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1408
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5606823.js Show response
js.hs-scripts.com/ 2 KB
2 KB 233ms
211ms Script
application/javascript 2606:4700::6812:893b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://js.hs-scripts.com/5606823.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC
Protocol: HTTP/1.1
Server: 2606:4700::6812:893b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f289b7591cf1c1695f0e534029cf49c8c4124c9ab5a8ed36208f837f601082c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 13:59:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-HubSpot-Correlation-Id: 35ffe143-ec11-4da7-af58-97ded4129c1d
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 12
Connection: keep-alive
Content-Length: 657
x-evy-trace-route-configuration: listener_http/all
x-evy-trace-listener: listener_http
x-request-id: a96f0921-43ba-46f0-b4bd-911568bd2007
Last-Modified: Thu, 15 Jun 2023 13:59:25 GMT
Server: cloudflare
X-Trace: 2BBED2FF505E4A57F087DCB60093A9570CB8FCE284000000000000000000
Vary: origin, Accept-Encoding
Access-Control-Max-Age: 3600
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
x-evy-trace-virtual-host: all
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-swhgs
Accept-Ranges: bytes
CF-RAY: 7d7b555e7a822c6b-FRA
Expires: Thu, 15 Jun 2023 14:00:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
102 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P5TRZECB9B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T44CZWC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c89b6869e3a98e1596fca8c7848098a2a3e259162f3bb8af87a215764ec73326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 13:59:25 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
382 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-61673428-1&cid=199591299.1686837565&jid=1601777099&gjid=421796402&_gid=1751946197.1686837565&_u=IGBAAEACQAAAACAAI~&z=1739369539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Jun 2023 13:59:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 146ms
62ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-61673428-1&cid=199591299.1686837565&jid=1601777099&_u=IGBAAEACQAAAACAAI~&z=782550944

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 186ms
63ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-61673428-1&cid=199591299.1686837565&jid=1601777099&_u=IGBAAEACQAAAACAAI~&z=782550944

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957603572/ 3 KB
2 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957603572/?random=1686837565301&cv=11&fst=1686837565301&bg=ffffff&guid=ON&async=1&gtm=45je36c0&u_w=1600&u_h=1200&url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&hn=www.googleadservices.com&frm=0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&auid=1347036926.1686837565&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P5TRZECB9B&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca7f744591bc38f06f229246441b893a40ceba16fc0e6c9d2b5d87ff553d0f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1421
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
278 B 50ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P5TRZECB9B&gtm=45je36c0&_p=1587855226&_gaz=1&cid=199591299.1686837565&ul=en-us&sr=1600x1200&_s=1&sid=1686837565&sct=1&seg=0&dl=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P5TRZECB9B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 19ms
18ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P5TRZECB9B&cid=199591299.1686837565&gtm=45je36c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P5TRZECB9B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 121ms
84ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P5TRZECB9B&cid=199591299.1686837565&gtm=45je36c0&aip=1&z=755752064

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957603572/ 42 B
109 B 53ms
53ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957603572/?random=1686837565163&cv=11&fst=1686834000000&bg=ffffff&guid=ON&async=1&gtm=45He36c0&u_w=1600&u_h=1200&url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&frm=0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&fmt=3&is_vtc=1&random=2331087675&rmt_tld=0&ipr=y

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957603572/ 42 B
109 B 61ms
52ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957603572/?random=1686837565163&cv=11&fst=1686834000000&bg=ffffff&guid=ON&async=1&gtm=45He36c0&u_w=1600&u_h=1200&url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&frm=0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&fmt=3&is_vtc=1&random=2331087675&rmt_tld=1&ipr=y

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957603572/ 42 B
109 B 51ms
50ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957603572/?random=1686837565301&cv=11&fst=1686834000000&bg=ffffff&guid=ON&async=1&gtm=45je36c0&u_w=1600&u_h=1200&url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&frm=0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3550612418&rmt_tld=0&ipr=y

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957603572/ 42 B
456 B 51ms
51ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957603572/?random=1686837565301&cv=11&fst=1686834000000&bg=ffffff&guid=ON&async=1&gtm=45je36c0&u_w=1600&u_h=1200&url=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&frm=0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3550612418&rmt_tld=1&ipr=y

Requested by

Host: a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 13:59:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 51ms
20ms Script
application/javascript 2606:4700::6810:79be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:79be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
x-amz-version-id: wXOaVt.1FYp5SJSGbufdokAhWgyD7J.j
via: 1.1 0e0d2c849ef60f83e28215a963048fd2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P3
age: 442
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.381/bundles/pixels-release.js&cfRay=7d7b4a945faf1e6a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: eb293b44-a7a4-4595-9506-8bed7af800e5
last-modified: Mon, 05 Jun 2023 12:31:29 UTC
server: cloudflare
etag: W/"3907b3424cd18a581148905ead09299a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-s8xd8
cf-ray: 7d7b555ffec89067-FRA
x-amz-cf-id: 6Xo_8rNxstRMC_Of8jTBrYYmh4if6JClohImcY4aZ4I_hGKP-Yp09g==
x-hs-target-asset: adsscriptloaderstatic/static-1.381/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 75 KB
22 KB 62ms
30ms Script
application/javascript 2606:4700::6811:62ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:62ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbbe9c4d273a13abdade0522f1d5323410659451ef72fb80c16f372ae206b282

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
x-amz-version-id: QamE4Oe0AGtrfJSqbw051Y47gukyknvh
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 287
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13423/bundles/project.js&cfRay=7d7b4e5c3a3e1e5a-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1b2a758d-a208-4cd1-9a54-cb41b6005f00
last-modified: Tue, 13 Jun 2023 10:43:24 UTC
server: cloudflare
etag: W/"bd6464fa791153e75807e46f33ec851c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-cxzff
cf-ray: 7d7b555ffe451d96-FRA
x-amz-cf-id: VWUqnc9fdl46rQ48z7HFM3DBnjw452AtKNbn-wG52x-ejWVA2LsjDA==
x-hs-target-asset: conversations-embed/static-1.13423/bundles/project.js

GET
H2 200 5606823.js Show response
js.hs-analytics.net/analytics/1686837300000/ 66 KB
21 KB 184ms
157ms Script
text/javascript 2606:4700::6810:8ace
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1686837300000/5606823.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf096c09759ba3714de583f0fcb91aef09b3972f3e9ad87d506a3ee95f56cbc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: XX2WBEA3CBX3ZRTX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 36
x-amz-id-2: KWId8TGSh3VnxSn5VgFn+4G3cO0xZeqiGfTqZSwHKkK4IQK1Vp5ljZZ6lVYk4I/lfbaNAP8mBEc=
x-evy-trace-listener: listener_https
x-request-id: 6921f1a2-07a3-4a38-824f-cd5820423de2
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 31 May 2023 18:56:53 GMT
server: cloudflare
etag: W/"c9728cab3e432b8f017c0e75ef9fbd35"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7d7b555ffd603604-FRA
expires: Thu, 15 Jun 2023 14:04:25 GMT

GET
H2 200 5606823.js Show response
js.hs-banner.com/ 63 KB
16 KB 150ms
124ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5606823.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f789b69f040371aa19c5680bf436df2ef4a15ab34bf0c81a2bf7cf52d58e5ec3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
x-amz-version-id: 8q4n.0sgmvIIwiK8UIbE_TjDGsUulgXN
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: METWK465Q2GXRNXE
x-amz-server-side-encryption: AES256
x-amz-id-2: 3/SKeXs4thGo2YAL3epTANAo9etP+6krG3fr7j3ujVBd/7y7Ua/etadt3eJsBi4sPM/H1vTij0w=
last-modified: Mon, 17 Apr 2023 15:39:40 GMT
server: cloudflare
etag: W/"6d597f45f301bb87e87d8ee02489900a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
vary: origin, Accept-Encoding
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7d7b555ffb369b98-FRA
expires: Thu, 15 Jun 2023 14:04:25 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
88 KB 215ms
167ms Script
application/javascript 2606:4700::6811:806e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: http://js.hs-scripts.com/5606823.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:806e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c6e25ad853b5a6ad922795465a0e178c87af06b8a7ab3bde53b7b6939902c8

Request headers

Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
Origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
x-amz-version-id: 8pz0uDcBGYlrsmWQyDnHbF47HkG8cM.I
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1213/bundle/main/lead-flows-release.js&cfRay=7d7b5560186abb43-FRA
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 32
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 30a49e3c-6305-4218-a901-b2b8f5d4355e
last-modified: Tue, 06 Jun 2023 12:07:08 UTC
server: cloudflare
etag: W/"e0a28490756bd60883ddd702b459f472"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
cf-ray: 7d7b5560186abb43-FRA
x-amz-cf-id: t_qQ3MOK4ozDMHzMqgE6UGecM6mKRjGuYqg3yGSipmPux3VYpnjNow==
x-hs-target-asset: lead-flows-js/static-1.1213/bundle/main/lead-flows-release.js

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 310 B
957 B 135ms
134ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5606823&conversations-embed=static-1.13423&mobile=false&messagesUtk=e4c25311ad924a33a8533f6e6e227c5d&traceId=e4c25311ad924a33a8533f6e6e227c5d

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3099438bf25f988bd4ed920097cd3e510c573cac2a5fd0982cf98eb03f7f30da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2c0181b9-3172-4e1d-a127-eb5952742893
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400
content-length: 247
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 014fff03-c6a8-4bb7-abde-00d3dc069074
server: cloudflare
x-trace: 2BD64146543A586D621D639171670CB7BBE1C8F420000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-gm8dw
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2Gsa%2F1QsJdeMYheEP8R03QZaa%2BzN2AXF8mRP4AG8pIUgZnSuxboMG4BJBrPjVMb8VxwGIRNN4YUxjB4JWy19pCByHr3yLHeA2Svrl8O21KJVvrCvyx4W3dwuQv30%2F8F8IvkNgygYW9NMO1Mlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d7b55611bde048f-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 135ms
119ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d7b55605b3e048f-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 15 Jun 2023 13:59:25 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vgPdhr3YFd7Iq2IidXQ5rjvPESTtGAWq%2BAooWjOnhy9wzpq6Ovb2WdB%2FxYeRX5MI1FWBu%2BCr4g7I6MI4hqQ7mbKsmKrFgkPVNA%2BXGKpsNpLa2936LivlK9%2B2gNeeGRSIdefBtW2Iy2L32f9nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-lp48s
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 916b6de1-ea73-44e2-8052-a0b54996e54b
x-request-id: db413b0a-7226-4c0d-aca2-20506e0a09a9
x-trace: 2BD8AF8FFB403E8B4671E0859682B966D421A1F207000000000000000000

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 115 B
1 KB 160ms
123ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5606823

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dd38ce453a945845c239fdbad549836272c74a97dd55be343446e051aeab12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e83bab6c-b29b-4f7a-8422-3ea395fe2c19
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 74e8fb79-86bd-4025-8409-ee60bc8f13ed
server: cloudflare
x-trace: 2BD2D5A0B2692D855788C3D7224926FBCAC0A5526A000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-z5f85
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CULUWn47Ldq2bYY%2FcjS8IfWe21GhsyatnoXG6RLTZaLsLoAUS3KSsxuAystqcihFAKQLiW%2F9i7NMrWEk2sM6tRPcPALEjTJh0YCThMznsG2rPa3zHTNiy2SXD6TwYeHO3wK%2Fsb%2BES2LwpECE"}],"group":"cf-nel","max_age":604800}
cf-ray: 7d7b556119c69bca-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 148ms
129ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3485376358&v=1.1&a=5606823&pu=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&t=The+page+you+were+looking+for+doesn%27t+exist+(404)+%7C+Appodeal+Intelligent+Ad+Mediation&cts=1686837565681&vi=703425f03670ec3452696311ac6ec741&nc=true&u=145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1&b=145906155.1.1686837565678&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f9bf1daa-0a83-4b47-bd9b-96ca8b47c97d
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 648b4714-3ae7-4b80-a414-01e31d56730a
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKOgH4IbQPW4UgXP%2FubUoM5rSOAesWbnrXbVnrxnA9mlzL8gY2w0QPfI%2BBypNiwHi6bMOHX1HDeD6Yfh4%2F6ABuo0C%2BoDjNQV82qpV2gqrXmcqq4UjMwPaTVARvLCx6sCUI2M4gGXzJEOMA2j6%2BX1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-xtt4j
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7d7b5561ad383645-FRA
x-robots-tag: none

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
102 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-957603572

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b94be0bca430a46b6ecc7bbb7f3516ba5dd96bc4d54e07cf41bcbe2e62d2c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 13:59:25 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
937 B 184ms
164ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5606823&utk=703425f03670ec3452696311ac6ec741&__hstc=145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1&__hssc=145906155.1.1686837565678&currentUrl=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d55344a52f5389d718b588aa1d2f6f823adcad45541a23db9bc18991dee377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:59:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ffe64e29-f7be-485c-b8e4-4cc9dcec32ca
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bd324ddb-8580-41ca-8257-924ca99cc7df
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBKHY5T0%2BDVvifFardSmJo0DdWv4weMVg9QjX3VRNX9Xw5IsmAu%2BXHdeXZsw4nnQIwXFDjongfh4q%2BiI2ObWTS2bkigE2TOcuQEXeoq8q%2F1JOMdaCpjOf5CI9lQKQk%2B16XsQqyTg4zyed5o8qbKf"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7d7b55623d17048f-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-44rkg

GET
H2 200 /
www.facebook.com/tr/ 0
55 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1468129376844388&ev=Microdata&dl=http%3A%2F%2Fa.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com%2Fconfig&rl=&if=false&ts=1686837566559&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%20%7C%20Appodeal%20Intelligent%20Ad%20Mediation%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.107&r=stable&ec=1&o=30&fbp=fb.1.1686837565052.531770856&it=1686837565004&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Jun 2023 13:59:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 14:43:33	Name: _fbp Value: fb.1.1686837565052.531770856
.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 12:35:23	Name: _gid Value: GA1.2.1751946197.1686837565
.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 12:33:57	Name: _gat Value: 1
.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 14:43:33	Name: _gcl_au Value: 1.1.1347036926.1686837565
.doubleclick.net/	1970-01-20 12:33:58	Name: test_cookie Value: CheckForPermission
.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 22:09:57	Name: _ga Value: GA1.1.199591299.1686837565
.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 22:09:57	Name: _ga_P5TRZECB9B Value: GS1.1.1686837565.1.0.1686837565.60.0.0
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 16:53:09	Name: __hstc Value: 145906155.703425f03670ec3452696311ac6ec741.1686837565677.1686837565677.1686837565677.1
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 16:53:09	Name: hubspotutk Value: 703425f03670ec3452696311ac6ec741
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/	1970-01-20 12:33:59	Name: __hssc Value: 145906155.1.1686837565678
.hubspot.com/	1970-01-20 12:33:59	Name: __cf_bm Value: .akohsG_sPpyBQq4x0qvW92v0gHg6F66nScSGDDMw8E-1686837565-0-ARnasMFvndzMX1Pe9p+IOnPNlUsk2ocaiwr5x8g1uiSG9LqLRTrcxfZTyp2fRbdJyQYogGCziFQgmaWPRKrBZgw=

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/config Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/stylesheets/appodeal.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/stylesheets/appodeal/guest.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/assets/images/logo-white.svg Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/javascripts/appodeal.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com/images/appodeal/assets/images/pages/apps/error-404.png Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.google-analytics.com/gtm/js?id=GTM-NH46S7J&cid=199591299.1686837565 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com
ajax.googleapis.com
api.hubapi.com
api.hubspot.com
connect.facebook.net
fonts.googleapis.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
js.usemessages.com
region1.analytics.google.com
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.186.34
2001:4860:4802:34::36
2606:4700:3035::ac43:97e0
2606:4700::6810:79be
2606:4700::6810:8ace
2606:4700::6811:62ac
2606:4700::6811:806e
2606:4700::6811:cacc
2606:4700::6812:18c4
2606:4700::6812:893b
2606:4700::6813:9b53
2a00:1450:4001:802::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
11d55344a52f5389d718b588aa1d2f6f823adcad45541a23db9bc18991dee377
2b94be0bca430a46b6ecc7bbb7f3516ba5dd96bc4d54e07cf41bcbe2e62d2c8c
3099438bf25f988bd4ed920097cd3e510c573cac2a5fd0982cf98eb03f7f30da
3966a9ad92201c08d30996171814003925d6da52eb7a62bc8e189c2ae0ebab83
415a26b3209f695074cdcd0e41f75c02cafeead0de1c221522cf0f10c06b8139
53c6e25ad853b5a6ad922795465a0e178c87af06b8a7ab3bde53b7b6939902c8
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
7dd38ce453a945845c239fdbad549836272c74a97dd55be343446e051aeab12a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
906e96ef5f194edd363e509775c32ce91fef55e91db52b8c0102d7abb4af0aa6
a7b65e3e0aaa4cdd816d19a10a126ee33782e097098199013ede922f05676865
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af6e372cb51e737cf6e935b6e2e032bd484d5a5d665fba99a4432459febc9fdf
bbbe9c4d273a13abdade0522f1d5323410659451ef72fb80c16f372ae206b282
bf1265789a042ddf28459bcf1d80adb21ef630549161f73463714b6c6326e90d
c89b6869e3a98e1596fca8c7848098a2a3e259162f3bb8af87a215764ec73326
ca7f744591bc38f06f229246441b893a40ceba16fc0e6c9d2b5d87ff553d0f1a
cf096c09759ba3714de583f0fcb91aef09b3972f3e9ad87d506a3ee95f56cbc8
da0321d3386a5423a5dc2e1c1015f3e7a508e0f9bbbfde938fcf6cccf473ce24
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eed334d1c96abd8c03aacf86a2a30fb9d391290f27e49b0fa456a7af8f1a1bf8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f289b7591cf1c1695f0e534029cf49c8c4124c9ab5a8ed36208f837f601082c4
f789b69f040371aa19c5680bf436df2ef4a15ab34bf0c81a2bf7cf52d58e5ec3

a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com Open in urlscan Pro 2606:4700:3035::ac43:97e0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

91 %HTTPS

95 %IPv6

18 Domains

23 Subdomains

20 IPs

3 Countries

616 kBTransfer

2194 kBSize

12 Cookies

7 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

a.a016967c8c783c38e555ae97b38fe0566ad9b398d255e32e833f160d.com Open in urlscan Pro
2606:4700:3035::ac43:97e0 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

91 %
HTTPS

95 %
IPv6

18
Domains

23
Subdomains

20
IPs

3
Countries

616 kB
Transfer

2194 kB
Size

12
Cookies

43 HTTP transactions
0 data transactions